These days no one is immue to the “data binging”. The reason I say that is because everyone has an MP3 player, digital camera, and or both, not forgetting resumes, personal finance spreadsheets etc.. We are constantly moving from one system to another in our quest for “better and bigger”, and in doing so leave some data behind, which if it ends up in wrong hands will cause you your credit rating or identity theft.
If you are going to sell you laptop/desktop, please make sure to erase all data on the drive. Delete helps, but this data is still recoverable as it only deletes the address, while the data is still in the disk. This data can be recovered by the prying eyes.
I have come across an excellent utility DBAN, which is very helpful in erasing all the data on a particular drive.
Warning: You have to be absolutely sure that you do not need the data, as it will not be recoverable after the above mentioned utility has been used.
Hackers have posted on the internet MediaDefender Inc emails sent between the company employees. The emails contain information on how they conduct business, by trapping unsuspecting video posters and then providing that info to media companies so that appropriate action can be taken against them. Some emails also contained passwords on how to log onto their website for administering it.
My rant…..what will it take organizations to understand importance of encryption. First all information generated within the organization must be classified and then based on the classification appropriate steps taken to protect it, one of them email encryption.
TD Ameritrade follows www.monster.com ’s footsteps. About 6.3 million customer records were hacked, although TD Ameritrade states that the records did not contain social security numbers and account numbers. No other details around the incident were disclosed.
As a result of this customer have started receiving phishing emails, which could lead to identity theft.
In my opinion TD Ameritrade should send the customers a Internet security 101 course to protect them from identity theft and impending law suits.
Monster.com information theft was not realy a hack but more a case of identitiy theft. How so? well… some gullable individual working for a recruiter or in the HR department of a company managed to provide their credential via a PHISHING email. Once the hackers got hold of these credentials, they were able to use TROJANS to login and capture information. Even a US Government agency which uses monsters services for recruitment lost data this way.
This again gets back to the issue of “USER EDUCATION”, every organization is responsible for educating their employees. If the employer fails to do so, the legally they should be held liable for the resulting damages and not the employee.
Of all the organizations, IRS the money Police seems to have a flaw in their business practices. The issue came to light when a caller called a number of IRS managers, contractors, other employees posing as in IT guy, and requested the to provide them their user ID’s and passwords, to which they willingly complied.
In this time and age where computer fraud is happening at unbeleivable proportion the least an organization of this status employ is common sense, which means educating their employees on how to deal with such situations. If you cannot trust these guys who can then be trusted?
Security and Privacy seem to be ignored by most organizations, what will it take for organizations and users alike to understand this issue and take it more seriously.
As most of us are now accustomed to using the keyless car entry systems installed in on our cars daily without ever thing it could be HACKED. Well security researchers in Israel and Belgium have discovered an electronic eqivalent of a Slim Jim. Most car manufacturers have implemented a 20 year old encryption system called KeeLoq. The technique involves intercepting a number of transmissions, after which producing a master key takes about 1 hour. Whereas with out the interceptions the activity could take about a day.
PKI is a great technology but it is like racing against time, as computers become faster and cheaper, decrypting information becomes quicker…..should we return back to conventional lock and key?
Published at August 27, 2007
in Hacking.
So much for AT&T’s strategy to have exclusive rights to sell Apple’s iPhone. Apple probably convinced AT&T into beleiving that their Mac osX is very secure and so would their iPhone OS. The fact that an 17-year old can unlock the code on iPhone makes Apple look like fools.
The morale of this story is, no matter how secure you make your application, OS, or platform there is someone out there who will infiltrate it and make you look like a fool.
I was just following up on news today and came across an article on BBC news. According to the article most of the information lost pertained to North American users, and about 5000 non-north american users. The attack originated in UKRAINE, what this means is that the users whose information was lost should expect a lot of SPAM, and PHISHING type email asking for more personal/private information. I wonder if Monster.com is lining up its lawyers in preparation of a law suit. Should be interesting.
