I found this article really interesting, especially since a few of our cases in class actually appear on the list. It also demonstrates how vulnerable so many people are and the immensity of the hacks. These are large scale hacks which culminate in millions of people losing the security and protection of their private, sensitive information. Here are the top ten with brief descriptions of the hacks:
1. Heartland Payment Systems (2009) more than 130 million people had their credit and debit card numbers stolen and transactions processed against them. It is considered the largest breach in credit card history.
2. TJX (2005) as discussed in class 45 million customers had their customer records hacked and sensitive information stolen from them.
3. US Dept. of Veteran Affairs (2009) a different case than the one we discussed in class. Here a defective hard drive was sent off for repairs and recycling without being erased. 76 million veterans were affected in the security breach.
4. Card System (2005) 40 million card users had their card information stolen and used by hackers 100,000 were Visa users and 68,000 MC
5. US Dept of Veteran Affairs (2006) This is the case we discussed in class where a laptop was stolen. In return for losing the data, the VA monitored credit for all veterans affected for a year costing $160.5M
6. Bank of New York Medallion (2008) data tapes, en route, were lost/stolen from the Bank. 12.5 million people were affected. Most of the tapes included social security numbers as well as back account numbers.
7. Certegy (2007) an employee stole customer records amounting to 8.5 million people. The employee is in jail now and paying off a multi-million dollar fine.
8. TD Ameritrade (2007) a database was hacked compromising the data on 6.3 million customers
9. CheckFree (2008) hackers hacked onto the site stealing domain names. This allowed them to transfer customers to their webpage which installed malware on to their computer. 5 million people were affected.
10. Hannaford Bros. Chain (2009) 4.2 million people were affected when hackers broke into the computer system and stole credit and debit card numbers.
What I find a little disturbing is that the oldest year listed is only 2005, 5 years ago. This shows that hackers are finding ways in that cause more harm to more people. It shows how much potential this threat has and that security measures are just not holding up anymore. Companies are going to need to begin taking security measures seriously and focusing more on the potential future litigation losses and how their customer base may be affected than the bottom line costs of implementation.
http://abcnews.go.com/print?id=10905634
Friday, October 8, 2010
Subscribe to:
Post Comments (Atom)
Posts
This list proves that hackers are still developing new ways to breach security, despite the efforts of many credit card companies trying to protect themselves from the like. Hackers are continuously finding ways around firewalls and into encrypted files containing valuable information to users of credit cards. I can recall identity theft being a major issue (and still is) in the past five years, as hackers have made their presence felt with stealing social security and bank account numbers.
ReplyDeleteOne would think that other companies would learn from previous cases dealing with hacking, about how to protect themselves from the potential threat. Instead,with every hack, important data is taken and placed in the wrong hands. Credit card companies suffer the consequences and have to dish out large sums of money in damages for their gap in security. Not only do the credit card companies suffer, but the users/members can no longer feel secure with their important and valuable data in the hands of hackers,who can potentially sell that information to someone else to improperly use.
This is an important issue that should have everyone's awareness, as the majority of people use credit cards and debit cards to make purchases online (e-commerce) and in retail stores. As Kelly states, users are very vulnerable to the attacks of the hackers, and from this list it seems as if there is no security, firewall or encryption that will stop their hacking efforts.
I may echo some of the points made by thesituation and kflynn5, but I thought this article was interesting - especially since a few of the cases we studied in class.
ReplyDeleteIt has become very evident through the different cases we have studied in class that hackers are becoming more and more advanced. It is necessary for companies to realize this and advance their security at a faster pace. They need to learn lessons from their peers. The most embarrassing breach of security is for the VA (they had two of the largest breaches of security on the list).
Companies at risk, according to the list, seem to be those that store valuable/important information for users or members.These companies/organizations need to update their security to keep up with their security. They should use longer and more complex encryption in order to minimize the chances that hackers can get to the sensitive information.
As for users, they seem to have almost no defense. Their best bet is to use common sense. Don't give information to unreliable sources.