Posts Tagged ‘Financial services’

Top Data Breach Incidents

June 19th, 2010
Credit Cards
Data Security Breaches

ABC News has published a list of 10 severe data breaches that have affected the industry in this decade beginning from 2000.

The list of data breaches has been compiled by a San Diego-based non-profit, called the Privacy Rights Clearinghouse. The list includes  exhaustive list of data breaches by government agencies, institutions and corporations. Some of these incidents highlight the breaches of all kinds and including the number of people affected.

Let us analyze some of these incidents

  1. 2009 — Heartland Payment Systems

    The Heartland payment systems was billed as the largest credit card crime of all time. Princeton, New Jersey based Heartland  processes card payments for restaurants and other businesses. The computers which were processing 100 million transactions for 1,75,000 merchants were penetrated by hackers. In January this year, Heartland was notified by Visa and MasterCard notified Heartland about suspicious transactions.

  2. 2007 – TJX Companies

    4 years ago, the Massachusetts-based TJX informed that more than 45 million customer records in 2003 and 2004. Over $20 million were spent in investigating the incident, hiring the lawyers and notifying the customers. This incident exposes the security vulnerabilities of retailers.

  3. 2009 – U.S. Department of Veterans Affairs

    Information of around 76 million veterans was compromised when a defective hard drive was sent for repair and recycling without first having the data on it erased. Apparently, the hard drive contained millions of social security numbers.

  4. 2005 – Card Systems

    CardSystems, an Atlanta based payment transactions processor suffered a breach incident when more than 40 million card accounts were exposed to potential fraud. Infact, the leaked details that were used by hackers belonged to Mastercard accounts (68,000), Visa accounts (100,000) and other brands (30,000).

  5. 2006 – Theft of Veterans Laptop with Personal data

    Way back in May 2006, a laptop that contained personal information for millions of veterans was stolen in a burglary from the Maryland based agency. Apparently, over 17.5 million veterans were at risk and were offered to cover the cost of monitoring their credit for one year.

  6. 2008 – Bank of New York Mellon

    When the Bank of New York Mellon lost a box of computer data tapes with information such as Social Security numbers, names, addresses and possibly bank account numbers, the personal information of more than 12.5 million people was compromised.As a settlement amount, Connecticut was paid $150,000 by the bank and was also promised credit monitoring and fraud alerts for the affected people for 36 months.

  7. 2007 – Certegy Check Services

    A St. Petersburg, Florida-based financial services firm, Certegy revealed the theft of customer records by an employee that included credit card, bank account and other personal information. The volume estimates of the data breach incident was found out to be $ 8.5 million.

For further insights about the breach incidents, do check out the ABC News article on 10 of the Top Data Breaches of the decade.

Security against Data Breach with Alertsec Xpress

Why do data breach incidents happen in the first place? Perhaps your organization didn’t take the requisite steps or there was some level of negligence with the handling of data.

If you use a data security software a theft would simply be reduced to an insurance matter and cost of the hardware plus time to rebuild the laptop. That is certainly a small price to pay compared to what can happen if you lose confidential or senstive data. Alertsec Xpress offers a very good and easy-to-use laptop security service that includes more than the traditional software licensing model. Feel free to subscribe for your personal 30-day free trial.

Related articles by Zemanta
Enhanced by Zemanta

No comments »

Posted in Data Protection, data breach

Tags:

Banks Distribute Free Security Software to Customers

February 28th, 2010

HSBC has recently started providing its online banking customers with free Rapport software, a service from Trustee that helps protect Internet browsers. The bank joined several other financial organizations, such as Bank of America and Barclays, which offer complementary or low cost security software to their clients. This move by HSBC highlights the importance of online safety in the current environment. If companies are willing to dedicate resources to protect their customers, they should equally invest in protecting company information and data.

Businesses like HSBC are doing the right thing by looking out for their customers’ safety. Additionally, the move has generated lots of free positive press and helped put the bank in a positive light. The promotion is also low cost and affordable, making it a smart business decision. HSBC’s actions are commendable, however, it’s unclear whether the organization is fully protecting itself. Security experts are questioning some of the bank’s website features and the choice of Rapport as the security provider. The criticisms serve as a reminder- it’s crucial for businesses to defend themselves in every way possible to be fully prepared for the future. When it comes to a business’s security, there’s no such thing as being over-prepared when dealing with the Internet.

Spreading Your Resources

A company like HSBC usually has several separate budgets to cover expenses. These range from amounts allocated for administrative costs to figures backing the latest marketing campaign. HSBC’s move showed an in-depth understanding for business strategy. It’s important for companies to work on promoting a fully integrated message- one which shows how all of its different areas work together to create a great product. HSBC spent money to provide customers with free security software and the purchase helped decrease the need for spending in marketing, advertising, public relations, and even recruiting! After the media picked up the story, HSBC can sit back and enjoy its investment.

However, it appears the company standpoint on security fell short- an analyst at a rival firm crictized HSBC in an interview with eWeek Europe:

Cluley …questioned HSBC’s decision to allow banking customers to save their user ID on their browser. Rather than entering the ID every time they access the site, user’s can choose to have their browser remember the code.

“Certainly I wouldn’t feel comfortable if my online banking password was being remembered for me in this fashion,” he told eWEEK Europe UK. “A home computer may not be ‘public’ or ’shared’, but it can still be stolen or a dodgy workman might have access to it. My suspicion is that security and usability have once again had a wrestling match, with those who want less support calls from forgetful consumers winning.”

It’s unclear whether Cluley’s claims are well-founded; a representative of HSBC explained that the ID saved requires an additional password and exists as added convenience. Nonetheless, organizations need to evaluate how their budgets are being spent and make sure that security is well funded. A firm protected by Alertsec Xpress would be able to use advertisements to promote its business’s high level of security and market itself as a safe organization which uses encryption to protect customers. Companies should explore how their security spending is connected and find the strings which can be cut.

1 comment »

Posted in Uncategorized

Tags: