The Third Phase of Security Incident Response
Be honest. How solid is your company's security incident response? ancestry.com went into full lockdown today in response to a leak at its community-driven site RootsWeb. 300,000 (or more?) passwords, email addresses and user names. As of this post, they're still offline. Why the long downtime? Maybe their SOC personnel are all on holiday...
The company states credit card data wasn't exposed, but the above data is bad enough for accessing other sites with reused credentials and multi-factor authentication disabled.
At Trestle Networks, we work closely with our Managed Security and Managed WiFi (powered by Mojo Networks) customers to secure all credentials, require multi-factor authentication and tightly restrict role-based access -- especially for PCI DSS 3.2 compliance. Don't be a victim. Contact me to learn more and sign up for trestleNEWS to receive these daily posts.