When a bad actor correlates the data heisted in the Office of Personnel Management (OPM) breach and that of another breach like the ones at Ashley Madison or Anthem, the results will be devastating to privacy and long-lasting, according to a panel at SC Congress Chicago on Tuesday.
“The length and depth of the information [in the OPM breach] is profound,” said William Barouski, senior vice president and deputy chief information security officer (CISO) at Northern Trust Corp. Used “in concert” with medical information exposed in Anthem, which is really difficult if not impossible to change, and a cybercriminal could get a complete picture of a victim's life that could be used in the future for extortion or other criminal purposes.
“The scariest thing about the information in Anthem is in the longevity of the information,” contended Todd Fitzgerald, global director of information security at Grant Thornton International, who said he thinks it's unlikely that no medical information was taken in the breach that exposed the data of 80 million people, as Anthem has stated.
“It's not just data on current people with health issues, but the children whose Social Security numbers are known,” he said, adding “think of all the years the taken information can be [used].”
The two panelist stressed the importance of protecting the privacy of users. “Privacy is really a fundamental human right, “ Fitzgerald stressed. “Even the people on Ashley Madison deserve to have their privacy protected.”