Michael Magrath, Director, Global Regulations & Standards, OneSpan, Inc., says: "The sad truth is that many of the affected individuals in the DoD breach had been victimized in other large and small-scale breaches over the past few years, including 2015’s Office of Personnel Management breach that affected 21.5 million federal employees and contractors.
"The treasure trove of personally identifiable data on the Dark Web just continues to grow, enabling fraudsters and steal identities or create new, synthetic identities using a combination of real and made-up information, or entirely fictitious information. For example, the personal and credit card information obtained in the DoD breach could be crossed referenced with data obtained from the OPM breach and other widely publicized private sector breaches.
"Cyberattacks will continue and it is imperative that public and private sector organizations not only deploy the latest in authentication and risk based fraud detection technologies in their organizations, but also make sure that all third party partners have equal cybersecurity measures in place."