Expert Reaction On Central Bank Mistakenly Shares Private Data of Union Bosses

It has been reported that the fear of security was raised after the Central Bank mistakenly exposed the names and home addresses of credit union bosses. The data breach has forced the bank to issue a groveling apology after it blundered by releasing the personal information to third parties. Names and addresses of around 50 credit union chairpersons and chief executives, many of whom hold keys to credit union premises, were given out in error.

Experts Comments

September 08, 2021
Trevor Morgan
Product Manager
comforte AG

The Central Bank is now dealing with the embarrassing situation of having erroneously given out the personal information (PII) of many dozens of credit union bosses. In a case of oversharing, the Central Bank fielded a request by a third party by sending too much personal information about these data subjects. What is interesting about this situation is the open admission that the incident was due to “human error.” We tend to think that cybersecurity attacks and data breaches are due to

.....Read More

The Central Bank is now dealing with the embarrassing situation of having erroneously given out the personal information (PII) of many dozens of credit union bosses. In a case of oversharing, the Central Bank fielded a request by a third party by sending too much personal information about these data subjects. What is interesting about this situation is the open admission that the incident was due to “human error.” We tend to think that cybersecurity attacks and data breaches are due to ingenious acts of brilliant but nefarious hackers. Sometimes that is actually the case, but it’s not the majority of cases. In reality, the majority of incidents are caused by human error on the organization’s side: misconfigurations, chaotic data security policies, under-trained employees, a weak culture of data security and privacy, and of course as in this incident, accidental release of (too much) information. The solution is multi-dimensional: remove human error through effective automation, create data policies and procedures that are clear and that reinforce a strong culture of cybersecurity, and of course use the most effective data-centric security such as format-preserving encryption and tokenization to protect the data itself in case it gets into the wrong hands.

  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.