How Is Data Compromised? Let Us Count The Ways
Tuesday December 23, 2008
Money may be hard to come by in this economy, especially during the holiday season, but there is one thing that is never in short supply as a year comes to a close- lists. There are lists for best song, worst movie, memorable moments, and just about anything you can think of. It does eventually get to be overkill, but some of the lists are kind of cool. Actually, one of the things that occurs to me with almost every one of these lists is "that just happened this year?!?!" Things that occurred back in January or February seem like they are from the distant past. But, I digress.
One of the Top 10 lists that has come to my attention is from Linda McGlasson at BankInfoSecurity.com. She enumerates for us the Top 10 Security Breach stories of 2008. You can read her list, complete with more details behind each story by clicking here. Below is a summary of the Top 10 list with a statement of the underlying cause of the breach (if known):
- TJX: Insecure Wireless Network
- Bank of New York Mellon: Unencrypted Backup Tape
- Hannaford Brothers: Unknown, but Hannaford claims to have just passed PCI DSS compliance assessment
- Countrywide Mortgage: Insider Theft Compromise of Data
- GE Money: Lost Backup Data Tape
- RSA: Sinowal Trojan
- Compass Bank: Insider Theft of Hard Drives
- Okemo Ski Resort: Malware Compromise
- Montgomery Ward: Weak Web / Database Server Security
- Citibank ATM Theft: Server Compromise
Comments
very well said information sir… thanks for sharing..
im in LAN, while we r having chatting with my frnds,i run netstat -ano,but it wont shows his exact ip address .can u plz tell me how to detect his ip address in LAN