MWEB Business: Hacked (Page 367)

1. What technology issues led to the security breach at MWEB? 

Technology issues that led to the security breach at MWEB is MWEB Business subscribers’ account details were compromised when their logon and password details were published on the internet by hackers. This is because it appears that hackers gained access to web based Internet Solutions’ self-service management system that MWEB Business uses to provide and manage business accounts that have not been migrated to the MWEB network.  

2. What is the possible business impact of this security breach for both MWEB and its customers?

• The security breach give a big impact for both MWEB Business and its customers. The possible business impact of this security breach for MWEB are this security breach forces MWEB to notify their customers and find the possible solutions for the problem and to work together with Internet Solution to solve those issues. 

• Besides, they will lose trust from their customers and face difficulties to gain back their trust. Furthermore, they need to immediately implement proper policies and controls of their systems and at the same time they need to prepare for legal action and financial risks. 

• Therefore, those impacts will be the threat to customer retention and reputation. They need for explanation about the issue from MWEB. 

• In the other hand, the possible business impacts of this security breach to their customers are the customers need for the explanation about the issues and the behavioral recommendations regarding the problems. The other impacts that the customers need to face are losing of their personal information which is privacy for them and they need to face with loss of data or inaccuracy. 

• At the same time, they are facing with inconvenience regarding the problems because they have to recreate or change their password and facing the possibility of the service could not be accessed.

 3. If you were an MWEB customer, would you consider MWEB’s response to the security breach to be acceptable? Why or why not?

• If we were an MWEB customer, we would consider MWEB’s response to the security breach to be acceptable. There were several reasons for the considerations. One of the reasons was MWEB responded quickly to the hacking incident. 

• MWEB also has been contacting their customers to reset their passwords, as an added security measure. Besides, they were also quick to note that no personal information was lost and that none of MWEB’s clients suffered any losses as their usernames and passwords had been recreated and changed. 

• Furthermore, MWEB successfully repels 5,000 attacks a day. In addition, MWEB was working closely with Internet Solutions to investigate the nature and source of the breach to ensure that it does not happen again. 

 4. What should MWEB do in the future to avoid similar incidents?

• To avoid similar incidentsin the future, MWEB should implements up to date security or devices or protocol to their network such as digital certificates, intrusion detection system, Management Information System(MIS) audit, regular and thorough testing and lastly improved identity management. 

• Besides, MWEB should proactively took immediate action to evaluate the extent of the breach and to limit any damages. 

• At the same time, MWEB should constantly advises its customers to be vigilant regarding their online data and security. 

• Moreover, MWEB should working closely with Internet Solutions to investigate the nature and source of the breach. Those suggestions or recommendations are important to avoid similar incidents in the future.