In this discussion, I am going to talk about the data breach on the Fetal Diagnostic Institute of the Pacific in Honolulu, HI. I have posted the link under References [1].

It was a cyberattack that potentially affected close to 41,000 patients. Their PII was compromised. The hackers breached one of the institute's servers, which included some patient records. The officials acted to contain the incident and contacted a cybersecurity firm. They were able to successfully remove the virus, clean the system and immediately contain the attack, but they expected that the information of up to 41,000 patients could have been compromised. The data of both past and current patients was impacted by the breach, but the FDIP claimed that it does not store credit card details on its servers.

How could this have been avoided, and what control strategies could mitigate it:

The best way to avoid any cyber-attack is by improving authentication and encryption.

Two-factor authentication is one place to start. 2FA expects whoever is trying to access their data to confirm their identity in two different ways, and this will be a problem for those who try to hack in or use brute-force kinds of attacks to get into the system. There is always the extra safety that if a hacker could get one component right, he is probably going to get the next one wrong, and so there will still be some level of trust. With this, you have a second layer of authentication, and rather than entering just a username and password, you have to validate yourself in two different ways. While this is only used for personal purposes, like accessing an electronic device or maybe logging in to your bank account online, it might be too complicated for a health account, but if we need to have security, it's always best to use the safest way. This makes it harder for the attackers to access the online accounts because knowing the victim's password alone is not enough to pass the authentication check.

In single-factor authentication, user ID and password are not trustworthy. The major problem with password-based authentication is that not many people create and use diligent passwords, and they fail to change them often even after reminders. Passwords are also prey to external threats such as brute-force attacks or even rainbow-table attacks. Given time and resources, a password-based system can be easily hacked, and it's being done easily in the modern-day world. All these can be avoided using 2FA.

Different devices and services are used for implementing 2FA, from tokens and RFID cards to smartphone apps. 2FA products can be divided into two categories: tokens which are given to users to get into their accounts, and software that recognizes and authenticates users. 2FA can also make use of an extra token, biometrics or voice recognition, and any one of these can be used on top of the usual password to make it harder to compromise.
By having this 2FA, it wouldn’t have been easy for the attacker to get into the server and gain access to all this information.
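To make the "second layer" concrete, here is an added example (my own illustration, not code from the post, the FDIP or the cybersecurity firm mentioned) of a login check that verifies a password and then a time-based one-time code of the kind a smartphone app produces. It implements HOTP/TOTP as specified in RFC 4226 and RFC 6238 using only the Python standard library; the account record, the user names and the password are constructed for the demo, and the shared secret is the reference secret from the RFC test vectors so the codes can be checked against the published values.

```python
import hashlib
import hmac
import os
import struct
from dataclasses import dataclass
from typing import Tuple


def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """HOTP (RFC 4226): HMAC-SHA1 over the 8-byte big-endian counter, then dynamic truncation."""
    digest = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F
    code = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(key: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """TOTP (RFC 6238): HOTP whose counter is the number of 30-second steps since the epoch."""
    return hotp(key, unix_time // step, digits)


@dataclass
class Account:
    """Constructed in-memory user record (a real system would persist this)."""
    username: str
    salt: bytes
    password_hash: bytes
    totp_key: bytes          # shared secret provisioned to the user's authenticator app
    last_counter: int = -1   # highest time step already accepted; used to reject replayed codes


def hash_password(password: str, salt: bytes) -> bytes:
    # Slow, salted hash so a stolen database cannot be reversed with rainbow tables.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 200_000)


def create_account(username: str, password: str, totp_key: bytes) -> Account:
    salt = os.urandom(16)
    return Account(username, salt, hash_password(password, salt), totp_key)


def authenticate(acct: Account, password: str, code: str, unix_time: int,
                 step: int = 30, window: int = 1) -> Tuple[bool, str]:
    """Factor 1 (something you know) followed by factor 2 (something you have).

    The reason string is for server-side logging only; a real login page should
    show one generic failure message so it does not reveal which factor failed.
    """
    if not hmac.compare_digest(hash_password(password, acct.salt), acct.password_hash):
        return False, "password mismatch"

    current = unix_time // step
    # Accept the adjacent time steps to absorb clock skew between server and phone ...
    for counter in range(current - window, current + window + 1):
        # ... but never a step at or below one already used, so a code that was
        # phished or shoulder-surfed cannot be replayed within its validity window.
        if counter <= acct.last_counter:
            continue
        if hmac.compare_digest(hotp(acct.totp_key, counter), code):
            acct.last_counter = counter
            return True, "ok"
    return False, "second factor rejected (wrong, expired or already used)"


if __name__ == "__main__":
    # Constructed demo using the RFC 6238 reference secret so the codes are checkable.
    key = b"12345678901234567890"
    alice = create_account("alice", "correct horse battery staple", key)
    print("code at T=59:", totp(key, 59))                                      # 287082 per RFC 6238
    print(authenticate(alice, "wrong password", "287082", 59))                 # (False, ...)
    print(authenticate(alice, "correct horse battery staple", "287082", 59))   # (True, 'ok')
    print(authenticate(alice, "correct horse battery staple", "287082", 59))   # replay -> (False, ...)
```

The point the post makes is visible in `authenticate`: a correct password alone returns `False`, because the second check needs a code derived from a secret the attacker does not hold. The `last_counter` bookkeeping is the edge case people forget: without it a code that was observed once stays valid for the whole clock-skew window.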




The selected article that outlines a recent security breach involves another credential stuffing attack experienced by Dunkin'. The article has been retrieved from https://www.pymnts.com/news/security-and-risk/2019/dunkin-credential-stuffing-attack/. By description, credential stuffing takes place when hackers employ combinations of usernames and passwords that are leaked from other websites and use them to get into accounts at another website. One control that would militate against credential stuffing is to use two-factor authentication (2FA). 2FA offers an additional layer of security and protection for user accounts. With two-factor authentication (2FA), both username and password are needed for authentication, thus entrenching the security model and making it more complicated for the attacker to bypass or hack (Zhang et al., 2018). Since 2FA requires a second type of identification, such as verification through SMS, which the hacker may not have, it reduces the chances that the hacker impersonates a user and gains access to the computers, and it reduces unauthorized access (Zhang et al., 2018).
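Credential stuffing, as described above, leaves a distinctive trace in login logs: one source tries many different usernames, mostly failing, which looks nothing like a legitimate user mistyping a password. As an added example (my own illustration, not taken from the article or from Dunkin'), the following detection logic reads a constructed login audit log and separates three cases: a normal user who fails once and then succeeds, a stuffing source that cycles through leaked username/password pairs, and a brute-force source that hammers one account. The log format, the addresses (TEST-NET ranges) and the user names are all made up for the demo.

```python
import re
from collections import Counter, defaultdict, deque
from datetime import datetime, timedelta
from typing import Dict, List, Optional

# Constructed sample of an application's login audit log (TEST-NET addresses, made-up users).
SAMPLE_LOG = """\
2019-02-10T09:00:01Z ip=198.51.100.7 user=alice result=FAIL
2019-02-10T09:00:09Z ip=198.51.100.7 user=alice result=OK
2019-02-10T09:01:00Z ip=203.0.113.5 user=alice result=FAIL
2019-02-10T09:01:01Z ip=203.0.113.5 user=bob result=FAIL
2019-02-10T09:01:02Z ip=203.0.113.5 user=carol result=FAIL
2019-02-10T09:01:03Z ip=203.0.113.5 user=dave result=OK
2019-02-10T09:01:04Z ip=203.0.113.5 user=erin result=FAIL
2019-02-10T09:01:05Z ip=203.0.113.5 user=frank result=FAIL
2019-02-10T09:01:06Z ip=203.0.113.5 user=grace result=FAIL
2019-02-10T09:05:00Z ip=203.0.113.9 user=bob result=FAIL
2019-02-10T09:05:02Z ip=203.0.113.9 user=bob result=FAIL
2019-02-10T09:05:04Z ip=203.0.113.9 user=bob result=FAIL
2019-02-10T09:05:06Z ip=203.0.113.9 user=bob result=FAIL
2019-02-10T09:05:08Z ip=203.0.113.9 user=bob result=FAIL
2019-02-10T09:05:10Z ip=203.0.113.9 user=bob result=FAIL
""".splitlines()

LINE_RE = re.compile(r"^(?P<ts>\S+) ip=(?P<ip>\S+) user=(?P<user>\S+) result=(?P<result>OK|FAIL)$")


def parse_line(line: str) -> Optional[dict]:
    """Turn one audit line into an event dict, or None for lines that are not login events."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return {"ts": datetime.strptime(m.group("ts"), "%Y-%m-%dT%H:%M:%SZ"),
            "ip": m.group("ip"), "user": m.group("user"), "ok": m.group("result") == "OK"}


def classify_sources(lines: List[str], window: timedelta = timedelta(minutes=10),
                     stuffing_users: int = 5, bruteforce_fails: int = 5) -> Dict[str, dict]:
    """Flag source IPs whose failed logins inside a sliding window fit an attack pattern.

    credential_stuffing: failures spread across >= stuffing_users distinct accounts
    brute_force:         >= bruteforce_fails failures against a single account
    Successful logins from a flagged source are reported too, since each one is a
    candidate compromised account that should be forced to reset and enrol in 2FA.
    """
    by_ip = defaultdict(list)
    for ev in filter(None, map(parse_line, lines)):
        by_ip[ev["ip"]].append(ev)

    findings: Dict[str, dict] = {}
    for ip, events in by_ip.items():
        events.sort(key=lambda e: e["ts"])
        recent = deque()          # failed attempts from this IP still inside the window
        pattern = None
        peak_users = 0
        successes: List[str] = []
        for ev in events:
            while recent and ev["ts"] - recent[0]["ts"] > window:
                recent.popleft()  # expire failures older than the window
            if ev["ok"]:
                successes.append(ev["user"])
                continue
            recent.append(ev)
            per_user = Counter(e["user"] for e in recent)
            peak_users = max(peak_users, len(per_user))
            if len(per_user) >= stuffing_users:
                pattern = "credential_stuffing"
            elif pattern is None and max(per_user.values()) >= bruteforce_fails:
                pattern = "brute_force"
        if pattern:
            findings[ip] = {"pattern": pattern, "distinct_users": peak_users,
                            "successes": successes}
    return findings


if __name__ == "__main__":
    for ip, finding in classify_sources(SAMPLE_LOG).items():
        print(ip, finding)
```

The thresholds are deliberately low so the constructed log trips them; in production they are tuned per site, and the output would feed rate limiting or a step-up to the second factor for the affected accounts rather than just a printout. Note that the normal user (`198.51.100.7`) never appears in the findings even though they failed once.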


