Authentication Controls Failure
Abstract
The main aim of this assignment is to find out two scenarios, where controls have failed to fulfil a single factor and multifactor model of authentication within the last two years. After analysing why the two authentications failed, we are to recommend the mitigations on the control measure of authentication.
Scenario one: Slickwraps is hacked
Slickwraps, a company that produces vinyl skins for tablets, laptops and phones, agonised a noteworthy data fissure that affected their meaningful personal data of the customers of above 330,0000 in numbers. The hackers made an arraignment of Slickwraps security procedures and publicised the database of particular data of the company’s customers. The case was reported on 25th of February by the Verge.
Slickwraps’s spokesperson reported,” As part of our investigation, we detected suspicious activity affecting a minimal number of Slickwrap accounts. We have notified the individual users, and team owners who we believe were impacted and are sharing details with their security teams.” Don't use plagiarised sources.Get your custom essay just from $11/page
Slickwrap’s CEO apologised to the customers via Twitter’s video post and assured them that the company had already started to work on the new phone case customization page that intends to be launched this year. This will be part of the mitigation to enforce password kill switch and two-factor authentications. (Jay P,2020).
Scenario two: OXO’ data breach
OXO is a New York-based manufacturer of homeware, kitchen utensils and office appliances. They had been hacked two manifestations in a row for two years. The new scenario was reported on 17TH December 2018. Customer’s information was exposed on their website. Unauthorised code was found on OXO’s website, which collected customer’s vital information such as credit card details. The breach affected several customers as reported by the management.
The intruders used the credit card from the current customers made it possible for the intruders to work around the two-factor authentication against the OXO’s company even though the mode of authentication was present(Charlie O, 2019)
MITIGATION
For the case of OXO company credit card tokening is recommendable as it contains an additional feature which adds an extra layer of protection.
For the Slickwraps company, it is advisable to execute authentication security policy. Only the required data will be displayed to the customers to cut across the customer access to the data to avoid data breaches.
Conclusion:
Cyber-attacks security is a must in today’s world of technology. Single-factor authentication has become a way too much used by hackers compared to the single password authentication. The downfall of the single factor was experienced when the two-factor authentication was introduced. End-users have to be cautious when cybersecurity attacks are to be undermined.
Reference
Jay P. (February 2020). Slickwraps apologises to customers after comically bad data breaches. Retrieved from: https://www.theverge.com/2020/2/25/21153434/slickwraps-apologizes-customers-bad-data-breach
Charlie O. (January 2019). OXO international discloses data breaches. Retrieved from: https://www.zdnet.com/article/oxo-international-discloses-data-breach-customer-data-over-two-years-impacted/