微信客服:xiaoxionga100
微信客服:ITCS521
CSE1ICB-无代写-Assignment 3
时间:2024-05-17
CSE1ICB Introduction to Cybersecurity LAB latrobe.edu.au
Assignment 3: Case Study on the world’s biggest data breach
Instruction
• Please submit via CSE1ICB LMS page Assignment submission section.
• This is a group activity, and you are required to work with your respective group members. No individual
submission will be accepted.
• This assignment is due on Week 11: 11:59 pm (AEST/AEDT), Friday 24th May 2024.
• Evaluation: 35 marks (= 35% of your final grade)
• You must submit your assignment only as a PDF or DOC file. Only ONE group’s member should submit.
• Please write group members’ full names and student numbers on the top of the first page.
Section 1: Examining Data Breaches (20 Marks)
A data breach is when data is stolen or shared by an unauthorised person or third-party. Cyber criminals
around the world can take advantage of data breaches to steal your money, identity, and gain access to other
valuable information. Data breaches are some of the most high impact security events and occur annually not
only for small businesses and organisations, but also for famous companies and governmental sectors.
You need to use the following link to explore some of the biggest data breaches that occurred between 2020
and 2024. You can scroll down on the website to explore the data breaches in various large and small
companies all over the world. The size of the bubbles indicates the impact and number of people affected.
You can click “Read a bit more” to see the original report. To complete your report, you may need to search
more about the data breach either on the web or by reviewing related academic papers.
Select up to five data breaches that occurred between 2020 to 2024 and write a report about the data breach
and include the following points in your report (Note: The number of breaches chosen needs to equal your
group size. For instance, if your group includes four members, you need to select four data breaches).
1. Identify the victims and impacts of damage.
2. What was the method of leak or explain how the data was stolen or revealed (find the weakness)
3. Which security control of mechanism could have prevented the leak
Reference Link
World's Biggest
Data Breaches
https://www.informationisbeautiful.net/visualizations/worlds-biggest-
data-breaches-hacks
CSE1ICB Introduction to Cybersecurity LAB latrobe.edu.au
Section 2: Preparing a data breach response plan (15 Marks)
Once a data breach is identified, the incident response team of the organization needs to notify appropriate
parties such as business manager(s) and law enforcement and plan a response to the incident – suppose that
you were in the cyber incident response team of an affected company from Part 1. Select two breaches as
reported in Part 1, and then complete the following:
• You are responsible for notifying the business Chief Executive Officer (CEO) about the data breach. You
need to prepare and write a formal letter to notify the CEO based on the following template (you may refer
to week 11 lecture about incident response to complete this section – using other reliable online source is
also acceptable).
Date:
NOTICE OF DATA BREACH
Dear CEO,
What happened? [Describe how the data breach happened, the date
of the breach, and how the stolen information has
been misused (if you know).]
What information was involved? [describe the type of personal information that may
have been exposed due to the breach]
What we have done (the action taken so far) and
what we are doing now
[Describe how you are responding to the data
breach, including: what actions you’ve taken so far
to remedy the situation; what steps you are taking
to protect individuals whose information has been
breached]
How to limit the consequences of attack [Describe how a quick response is arranged, a
quick response can reduce the likelihood of
affected users suffering from harm. It can reduce
both financial and reputational damage.]
What response plan do we propose? (How to
avoid further threats)
[Describe the plan you devised to avoid further
similar data breaches. Such a strategy identifying
and addressing any weaknesses in data handling
that contributed to the breach]
[Insert closing]
Your Name (include your team member)
CSE1ICB Introduction to Cybersecurity LAB latrobe.edu.au
Notes
• Referencing is required for Section 1: References are assessed in this assessment, you should
draw on quality academic sources, such as Websites, books, chapters from edited books, articles,
journals, etc. Referencing style is optional but it needs to be consistent.
• You should use between 800 and 1000 words per student in a group (For instance, a group of four
members should write about 3200 – 4000 words in total).
• Submit a PDF or DOC file. As your submission will be checked by Turnitin – Don’t submit a zip file!
Assignment 3: Case Study on the world’s biggest data breach
Instruction
• Please submit via CSE1ICB LMS page Assignment submission section.
• This is a group activity, and you are required to work with your respective group members. No individual
submission will be accepted.
• This assignment is due on Week 11: 11:59 pm (AEST/AEDT), Friday 24th May 2024.
• Evaluation: 35 marks (= 35% of your final grade)
• You must submit your assignment only as a PDF or DOC file. Only ONE group’s member should submit.
• Please write group members’ full names and student numbers on the top of the first page.
Section 1: Examining Data Breaches (20 Marks)
A data breach is when data is stolen or shared by an unauthorised person or third-party. Cyber criminals
around the world can take advantage of data breaches to steal your money, identity, and gain access to other
valuable information. Data breaches are some of the most high impact security events and occur annually not
only for small businesses and organisations, but also for famous companies and governmental sectors.
You need to use the following link to explore some of the biggest data breaches that occurred between 2020
and 2024. You can scroll down on the website to explore the data breaches in various large and small
companies all over the world. The size of the bubbles indicates the impact and number of people affected.
You can click “Read a bit more” to see the original report. To complete your report, you may need to search
more about the data breach either on the web or by reviewing related academic papers.
Select up to five data breaches that occurred between 2020 to 2024 and write a report about the data breach
and include the following points in your report (Note: The number of breaches chosen needs to equal your
group size. For instance, if your group includes four members, you need to select four data breaches).
1. Identify the victims and impacts of damage.
2. What was the method of leak or explain how the data was stolen or revealed (find the weakness)
3. Which security control of mechanism could have prevented the leak
Reference Link
World's Biggest
Data Breaches
https://www.informationisbeautiful.net/visualizations/worlds-biggest-
data-breaches-hacks
CSE1ICB Introduction to Cybersecurity LAB latrobe.edu.au
Section 2: Preparing a data breach response plan (15 Marks)
Once a data breach is identified, the incident response team of the organization needs to notify appropriate
parties such as business manager(s) and law enforcement and plan a response to the incident – suppose that
you were in the cyber incident response team of an affected company from Part 1. Select two breaches as
reported in Part 1, and then complete the following:
• You are responsible for notifying the business Chief Executive Officer (CEO) about the data breach. You
need to prepare and write a formal letter to notify the CEO based on the following template (you may refer
to week 11 lecture about incident response to complete this section – using other reliable online source is
also acceptable).
Date:
NOTICE OF DATA BREACH
Dear CEO,
What happened? [Describe how the data breach happened, the date
of the breach, and how the stolen information has
been misused (if you know).]
What information was involved? [describe the type of personal information that may
have been exposed due to the breach]
What we have done (the action taken so far) and
what we are doing now
[Describe how you are responding to the data
breach, including: what actions you’ve taken so far
to remedy the situation; what steps you are taking
to protect individuals whose information has been
breached]
How to limit the consequences of attack [Describe how a quick response is arranged, a
quick response can reduce the likelihood of
affected users suffering from harm. It can reduce
both financial and reputational damage.]
What response plan do we propose? (How to
avoid further threats)
[Describe the plan you devised to avoid further
similar data breaches. Such a strategy identifying
and addressing any weaknesses in data handling
that contributed to the breach]
[Insert closing]
Your Name (include your team member)
CSE1ICB Introduction to Cybersecurity LAB latrobe.edu.au
Notes
• Referencing is required for Section 1: References are assessed in this assessment, you should
draw on quality academic sources, such as Websites, books, chapters from edited books, articles,
journals, etc. Referencing style is optional but it needs to be consistent.
• You should use between 800 and 1000 words per student in a group (For instance, a group of four
members should write about 3200 – 4000 words in total).
• Submit a PDF or DOC file. As your submission will be checked by Turnitin – Don’t submit a zip file!
