February 10, 2008   Sign In |  About ebizQ |  Contact Us |  Join ebizQ Gold Club
Peter Schooff
Peter Twenty-Four Seven Security
 Peter Schooff's blog is a daily look at what's going on in the world of computer security with an emphasis on how it affects businesses.

« Simplifying for Security's Sake | Main | Will Security Dominate IT in 2008? »

December 21, 2007
2007 -- The Year of the Data Breach

Ahhh, to look back to early 2007, when you could take a Sunday drive on the Information Superhighway with data leaking out everywhere and by the time you got home, there wouldn't already be ten versions of you shopping at OverPriced.com. The days of data ease seem so long ago (what's the calculation: two days on the internet equals a year in Medieval times?). Well those days of data innocence are gone. P-V-E-R!

2007 was the year of the big data breach, and some of the lowlights were:

Monster.com -- One of the first big multi-staged attacks, as in they collected info then used that info for spearphishing attacks. News later revealed that Monster waited five days to inform customers (information that's critical to stopping a targeted phishing attack), but hey, they said this happens to companies all the time (or maybe it's time Monster polished up it's Resume).

TD Ameritrade -- Another multi-staged attack, and anther huge lag in customer notification (some estimate it took as long as a year). What's so scary about this breach is the closer they get to you, the closer they get to your money, and with TD Ameritrade, they're already in your money.

TSA -- Cybercrooks breached them not once but twice, the first with two lost laptops with the names, addresses, birthdays, SS # and commercial driver’s license numbers of hazardous material truckers, the second where cyberbaddies stole a computer hard drive with the names, Social Security numbers, dates of birth and bank account and routing information of current and former employees, including federal air marshals. I've heard the saying screw me once, shame on you, screw me twice, shame on me, but what do you say when it happens a third time?

There are certainly a many more notable breaches, but the story starts to get a bit repetitive...you know, hacker meets company, hacker steals company's data, company makes excuses, but that still doesn't fully explain the grand prize loser of the year:

TJX -- First reports estimated 10 million records lost, and that number now stands upward of 100 million. Just checked the TJ Maxx website, and it proudly exclaims, Fear not, last-minute shoppers! I would add, though, that the only thing TJ Maxx's shoppers need to fear is their data itself.

OK, 'nuff preachin about the breachin, as I want to point out an excellent podcast that's like a bullet train to the future of security, that being Virtualization Security, and is recorded by Mike Rothman. You can give it a look/listen right here.

Happy holidays all!


Posted by pschooff in |Digg This|Add to del.icio.us

Trackback Pings

TrackBack URL for this entry:
http://www.ebizq.net/mt/mt-tb.cgi/2991

Comments Post a comment




Remember Me?

(you may use HTML tags for style)

We ask that you type your code (displayed below) in the text box.This code is an image that cannot be read by a machine. It prevents automated programs from submitting comments.


Code:



Most Recent ebizQ Blog Entries
ADVERTISEMENT
Subscribe
News Feed
Recent Posts
Categories
Archives
Blog Roll
Blogosphere
This Work
Accountability:The opinions expressed in this blog are solely representative of the blog's author, and not of ebizQ
Subscribe to our Newsletters
ebizQ Weekly Gold Club Update
Live Webinar Updates
Updates from ebizQ Partners
ebizQ SOA Update
ebizQ BPM Update
ebizQ Security Update
ebizQ BI Update
ebizQ Open Source Software Update
Virtual Show Newsletter
Your E-mail Address:
BAM: The Killer App for CEP
Date: Feb 12, 2008
Time: 12:00 PM ET
(17:00 GMT)
I WANT TO ATTEND
Event Processing Market Pulse
Date: Feb 14, 2008
Time: 12:00 PM ET
(17:00 GMT)
I WANT TO ATTEND
Archived Webinars | Upcoming Webinars

Marketing Solutions | Feedback | About ebizQ | Unsubscribe | Privacy Policy | Site Map