Prosecutors recently arrested Lin Mun Poo, a 32-year-old Malaysian man for hacking into major U.S. corporations. Some of the corporations the man hacked include the U.S. Federal Reserve Bank of Cleveland and FedComp, a corporation that processes financial transactions for credit unions.
Apparently, Lin Mun Poo sold 1,000 dollars worth of stolen credit card numbers before U.S. officials arrested him. However, this amount was only a small portion of his business, as when The Secret Service searched his laptop, they found more than 400,000 account numbers from credit and debit cards. It is of the belief that the man obtained this sensitive information by hacking into various computer systems of financial institutions.
Poo informed investigators that he traveled to the United States in order to meet with an unidentified individual who regularly provides him with stolen credit card information. However, this was not his only method for compromising personal information. Prosecutors say he was able to compromise at least 10 computers at the Federal Reserve Bank of Cleveland and accessed more personal data belonging to members of the Fireman’s Association of the State of New York Federal Credit Union and the Mercer County New Jersey Teachers’ Federal Credit Union by hacking into FedComp. Aside from the U.S, Lin Mun Poo also admitted to hacking the computer networks of international banks and companies. Poo’s tactics for compromising data were very original. He simply accessed the information by finding and exploiting network vulnerabilities.
If I were an executive for one of the hacked companies, such as FedComp or the U.S. Federal Reserve Bank of Cleveland, I would immediately notify my customers. As we read about in the ChoicePoint case, it is extremely important to inform customers of the situation in order for them to attempt to mitigate any damage. Also, I would set up free credit monitoring for customers, which would determine if one’s information was being breached. Each company could also use free credit monitoring as a brand restoration strategy. It is also important to implement new security procedures. If Lin Mun Poo was exploiting network vulnerabilities, I think it is important to increase the security standards of the customer’s information. If I had accounts in the corporations that were hacked by Lin Mun Poo, I would most certainly utilize the free credit card monitoring by the company. Monitoring the information would allow an individual to see if their account had been breached and if any money was stolen.
http://news.yahoo.com/s/pcworld/20101118/tc_pcworld/malaysianchargedwithhackingfederalreserveothers_1
Posts
The United States, both in its economic and governmental branches, suffers repeated attacks from unknown assailants each and every day. Its concerning that most attacks aren't identified at their initial action. Instead, as highlighted in the article, it can take weeks or even months before any problem is identified.
ReplyDeleteStill, 400,000 account numbers is insane and that seems to just be the surface of the problem. Questions begin to come to mind concerning the purchase of these numbers. In addition to this, where did these people go to get these numbers? These questions only lead to more questions that, I believe, begin to reveal a very complicated "business" that underlies the Internet.
Because of the inter-connectivity of the Internet has literally brought the world together, it is only natural that it would share many of the world's problems such as criminal activities. It also becomes almost impossible for countries to track every illegal activity that takes place. The fact that Lin Mun Poo was caught makes me wonder how many more people are out there with illegally obtain information.