Ever wonder why companies that have been breached will estimate the number of affected users, only to announce days, weeks, or months later that the breach was actually much larger? Take the Yahoo breach, for example. Originally Yahoo estimated the number of affected customers to be around 1 billion. Over 7 months later, they announced they got it wrong – the number is closer to 3 billion, or all Yahoo users. How is it that companies’ estimates are so off? The answer: Lag Time.

The amount of time between when a breach occurs and when it is discovered can be weeks, months, or even years. During that time, the attackers are taking full advantage of the data they have stolen and have time to go back and cover their tracks. By the time a breach is discovered, whether internally or by a third party, the damage is already done, and any data that has been leaked on the dark web has already begun to lose its value due to overuse.

It’s important to keep in mind that companies don’t discover breaches for a significant amount of time after they have occurred, and then it is even more time before they release the details to the public (for example, Equifax). In fact, the average time frame from the moment a breach occurred to when it is made known to the public is over 40 days. That means that by the time you know that there is even the possibility that your data was compromised, it has potentially been in the hands of the attacker for well over a month.

So, what does this mean for the consumer? Protect yourself as much as you can! Make sure your passwords are strong and never use the same password for multiple accounts; be very careful about what data you share online; and monitor your financial accounts on a regular basis.

Attacks can happen anywhere, to anyone, and to any company. You can’t prevent them, so make sure you protect your data as best you can!