FoxNews.com — Huge government data breach ‘inexcusable,’ security experts say

Posted on Jun 5, 2015 in Quoted by Press |


data breach inexcusable

Huge government data breach ‘inexcusable,’ security experts say

In an article by FoxNews.com science & technology editor James Rogers, several security industry experts expressed concerns about how hackers were able to breach the critical systems of the Office of Personnel Management (OPM). Protegrity CEO Suni Munshani called the poor data security practices “inexcusable.”


 

The huge data breach that may have compromised the personal data of at least 4 million current and former federal employees could have been avoided with better use of data protection technologies such as encryption, security experts say.

Hackers based in China are suspected to be behind the breach, which compromised data from the Office of Personnel Management (OPM) and the Interior Department. If confirmed, the incident would be the second major breach by Beijing in less than a year. However, a spokesman for the Chinese Embassy in Washington called such accusations “not responsible and counterproductive.”

Security specialists have voiced their concern that critical government systems could suffer a breach on this scale.

“It’s inexcusable for a government agency to allow a data breach like this to occur,” said Suni Munshani, CEO of data security software specialist Protegrity, in a statement emailed to FoxNews.com. “The names and personal information of our government employees is a vital asset to our country and should not be allowed to get in the hands of a foreign government.”

 

From government agencies to private companies, all organizations need to provide data-level protection, according to Munshani. “It’s no longer acceptable to just focus on the perimeter,” he explained. “The data itself needs to be protected at a granular level.”

. . .

In addition to encryption, technologies such as ‘tokenization’ are available to protect data. Tokenization, which is touted by Protegrity, effectively ‘masks’ sensitive data with replacement values that hold no value to a potential thief.

The full article can be found here.