Some of this month’s most significant sound bites:
- 1. Finally a number published on the heartland attack (who knows how accurate it is). SC magazine reports 249,839 records compromised. It’s hard to believe this is right knowing that this organization processes over 100 Million transactions each month. We’ll keep watching as the investigation continues.
- 2. Checkfree, the company many use for online payments, exposed about 5 million records this month according to SC. This was done by redirecting traffic intended for the Checkfree site to a server in the Ukraine.
- 3. SC also reports the total number of known compromised records since 2005 as 252,392,040. This agrees with the “250 Million” number I often quote in my executive seminars.
The problem with all of these numbers is inferred in today’s USA Today article on Cybercrook’s Websites http://www.usatoday.com/money/industries/technology/2009-03-15-identity-theft-is-your-computer-infected_N.htm . Researchers are discovering information aggregators out on the net that belong to cybergangs – servers used to storehouse stolen information – digital asset warehouses. In this article researcher Prevx found one such site connected into 160,000 systems, actively siphoning off data as people did everything from order pizza to conduct daily banking activities. The details of the article show that cybertheives have a complete account of every activity performed on these systems from changing passwords, to sending meaningless emails. But they also capture banking information, payment transactions, and all kinds of other sensitive information on these infected systems.