What happened?
The Oklahoma Eastern Shawnee Tribe (OEST) announced on December 15, 2023, that its casinos and gaming operations were affected by a data breach that occurred on December 1, 2023. The breach compromised the personal and financial information of some tribal members, employees, and vendors.
According to the tribe’s news release, the breach was caused by a third-party vendor that provided payment processing services to the tribe’s casinos. The vendor failed to encrypt the data transmitted between its servers and the tribe’s network, resulting in unauthorized access by hackers.
The tribe said it immediately notified the affected parties and took steps to contain and remediate the breach. The tribe also offered free credit monitoring and identity theft protection services to its members for one year.
How many people were impacted?
The tribe did not disclose the exact number of people who were impacted by the breach, but said it was a small percentage of its total membership. The tribe estimated that about 10% of its members were potentially affected by the breach.
The tribe also said it did not have any evidence of fraud or misuse of the stolen data as of December 15, 2023. However, it advised its members to be vigilant and report any suspicious activity or transactions to their banks or credit card companies.
What are the legal implications?
The tribe said it is cooperating with law enforcement agencies and regulators to investigate the breach and pursue any legal action against the vendor responsible for the breach. The tribe also said it is reviewing its contract with the vendor and considering terminating it if necessary.
The tribe said it is committed to protecting its members’ privacy and security and providing them with timely notice and assistance in case of a data breach. The tribe also thanked its members for their trust and support during this challenging time.
What are some best practices for preventing data breaches?
Data breaches are becoming more common and costly for businesses and organizations of all sizes. According to a report by IBM Security, there were 4.48 billion records exposed in data breaches in 2020, an increase of 30% from 2019. Data breaches can result in financial losses, reputational damage, legal liabilities, regulatory fines, customer dissatisfaction, and loss of trust.
To prevent data breaches from happening or minimizing their impact, some best practices include:
- Implementing strong encryption methods for sensitive data
- Using secure protocols for transmitting data over networks
- Updating software and systems regularly to fix vulnerabilities
- Educating employees on how to recognize phishing emails and other cyberattacks
- Conducting regular audits and assessments of security policies and procedures
- Having a backup plan in case of a disaster or emergency
Data breaches can be devastating for any organization or individual. However, by following these best practices, you can reduce your risk of becoming a victim of cybercrime.