Personal data collected for almost six months were revealed
Enterprise network security experts from the International Institute of Cyber Security report that a configuration error on the TCM Bank website exposed sensitive information from thousands of people who applied for credit cards between early March and mid-July this year. TCM, which helps more than 750 community and small banks issue credit cards to their account holders, blames a third party responsible for their website management.
Anyways, experts in enterprise network security believe that this is not enough excuse, since companies cannot delegate to a third party the total responsibility for their enterprise network security. From the point of view of the affected consumer, leaked data is the responsibility of the organization. Policymakers have also taken that stance and several regulations to make organizations responsible for the security services they hire from third parties.
The problem is the lack of control companies have over their third parties.
During the research process, companies can scan and monitor their service providers to receive a continuous view of the third parties’ security measures. The most advanced versions offer simple tools for collaboration and participation between companies and third parties for high security standards. It is a process that benefits and protects both the company and third parties.
For enterprise network security specialists, data breach in TCM Bank is potentially dangerous to all affected. This leaking of data from credit applications is so serious that it can be used for identity theft and other types of fraud.
Working as a cyber security solutions architect, Alisa focuses on bug bounty and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.