2008 Study on the Uncertainty of Data Breach Detection in the United States
Source: Ponemon Institute
A recent data breach involving Lending Tree, a mortgage lender, illustrates the risk posed by the malicious insider. According to reports of the breach, outside loan companies may have accessed information, including Social Security numbers between October 2006 and early 2008 and used this information to market their own mortgages to Lending Tree customers. It is believed that several former employees may have shared their confidential passwords with lenders that were not approved by the company. It is unknown how many consumer records were compromised. Data breach notification laws and privacy regulations require organizations to inform victims of a data breach in a timely manner. These laws have placed increased importance on an organization's ability to determine the cause of the data breach and individuals affected.