De-anonymization testing of sensitive internal data structures

Institutions gathering, storing and interacting with sensitive data are concerned about the quality of encryption of their internal communication – and they should be, as 46-80% of data-security breaches are of internal origin. However, most of internal breaches are not caused by hacking the encryption over sensitive communication, but by exploiting the weaknesses of end-gates of communication.
 

How does it work?
Institutions communicate fragments of internal data to third parties. While they anonymize the data or provide the third parties only with aggregated data, these aggregates could be still used to obtain sensitive information from the system. Even though, the sensitive information were not visible in any of aggregates, provided to third parties via number of communication gates, by combining these aggregates, attackers are usually able to extract critical information from the system. This analytical process is called data cross-referencing, and contains a number of data extraction methods.

Example
Did you know that approximately 87% of individuals in the U.S. population are uniquely identifiable and tractable only by obtaining thee pieces of information: gender, ZIP code and birthdate? All 3 variables are publicly available and are not considered as “sensitive information”. However, if you correctly cross-reference these public information, you are able to reach for sensitive information about specific person (e.g. where they live, their occupation).
We test client’s data manipulation and data communication processes and optimize them, to minimize the chance of de-anonymisation of sensitive information.