This Week: Steep Discounts and Limited Loyalty

Next: This Week: Scams "R" Us and Police Database...
Previous: This Week: Rising Fraud, and Cute But Dangerous...
Overheard at Yahoo HQ: rousing rounds of "just keep swimming!"
February 24, 2017

The Terbium Analyst Team is on the front-line of combatting dark web myths and legends. Whether it's a threat report, white paper, or blog post, the Analyst Team's job is to know things and speak intelligently about them. Other interests include weightlifting, chocolate, and accumulating obscure dark web trivia to amuse and confuse our co-workers.

This week, researchers at Carnegie Mellon University proved the point on loyalty, while Yahoo provided another sobering example of the far-reaching effects of a breach. And a recent arrest in Germany shows that that sometimes paying for an extra stamp can be the difference between a “good time” and jail time.

Breach-y (Not So) Keen

A new study from Carnegie Mellon University shows that data breaches increase the likelihood of US account holders switching banks compared to individuals at banks who did not suffer from data breaches. The researchers found customers were likely to terminate their relationship with a bank within six months following fraud, even if they did not suffer a financial loss. Five years of data from 500,000 anonymized financial services users found that customers who suffered from fraud were up to 3% more likely to change banks.

Fraud and information loss directly reflect on the brand and reputation of an organization. A data breach can cause customers to lose their faith in an organization and question the company’s reliability. While it is impossible to prevent every breach, letting customers know as soon as a problem arises is generally beneficial in the long run. Be honest, and your customers may be more loyal.

The Yahoo Saga Continues

Five months after the announcement of Yahoo’s massive data breach, the market responded yet again. Verizon and Yahoo amended the terms of their agreement on Tuesday, which lessened Yahoo’s value by $350 million.

The changes come after another round of notifications from Yahoo to its users that accounts may have been breached last year with an exploit that forged browser cookies. The attack was revealed in December, but received little attention compared to the same-day announcement of one of the largest data breaches in history – an attack that affected more than 1 billion of Yahoo’s users.

Besides the unsettling fear of further account fraud, the smaller price tag for Verizon’s purchase also reflects their concern for after-effects of the breach, such as curbed user engagement. Verizon will now split any future costs and liabilities stemming from the massive breaches.

Data breach costs are often evaluated in terms of remediation, and the cost per breached record has grown over the years as attacks have become more commonplace. But as the Verizon-Yahoo deal makes abundantly clear, costs can be hidden at the outset, and can reach significantly higher than initial projections may indicate.

One more thing: Return to Sender

A German man was busted after the postage on his package of amphetamines was 95 cents short. The parcel, which was marked with the address of a nearby business, was returned to the “sender”. The business owner swiftly reported the package to the police, claiming they had not, in fact, ordered any drugs.

RELATED ARTICLES
analysis January 08, 2019
New Commodities, New Consequences: Child Data on the Dark Web

analysis December 06, 2018
The Year Ahead: Developments in the Dark Web Data Trade

Sensitive data had a very bad year in 2018—and the year isn’t over yet. With the increase of large-scale breaches, what drives the underground economy for data on dark web markets? How will that...