CDMP Fundamentals • 100 Questions • 90 Minutes

CyberBank's Data Security After a Major Breach

Data Security • Medium

💼 Scenario

CyberBank, a digital-first bank with 5 million customers, suffered a data breach that exposed 1.2 million customer records, including names, account numbers, email addresses, and transaction histories. The breach originated from a compromised third-party analytics vendor that had been granted broad database access for customer behavior analysis. Forensic investigation revealed several security failures: the vendor had access to production data with no masking or anonymization, access credentials were shared among vendor team members using a single service account, there was no monitoring of unusual data access patterns (the exfiltration occurred over three weeks), and sensitive data was not encrypted at rest in the analytics database. The bank faces regulatory fines of up to $50 million, class-action lawsuits, and severe reputational damage. The CISO must present a comprehensive data security remediation plan to the board within 30 days, addressing both the immediate breach response and long-term security improvements.

Question 1: What data security control would have MOST effectively prevented the breach caused by the third-party vendor?

Question 2: Which monitoring capability should CyberBank implement to detect similar breaches in the future?

Question 3: What access control model should CyberBank implement for third-party vendor access going forward?