Less than a week ago it was announced that 100 million, and possibly more, credit/debit cards were breached in the largest data breach in the world ever. Bravo. Brilliant. High five and congratulations to the hackers, wherever they may be. I’m not proud, but certainly impressed.
How does this happen? Flaws in the system of designing software, old technologies used for new transactions, unsecured networks, inside jobs, etc.; the list goes on and on. The real reason is that retailers and others have to be PCI compliant, which in itself is good, but does not solve the problem of credit card fraud. Until PCI adopts solutions that solve credit card fraud, we will still be amazed when 100 million cards are stolen. When industry adopts a secure solution (and they do exist), data breaches of this kind will be a non-issue.
Robert Siciliano www.IDTheftSecurity.com Identity Theft Speaker and Expert on Personal Security.
“Necessity is the mother of invention,” as they say. Over the past 5 years, hackers' motivation has changed from seeking fame to financial gain. Inventive entrepreneurial minds have created a slew of technologies, in the form of software and hardware, to immunize a server from viruses/keyloggers/malware, preventing a criminal hacker from being able to take over a PC.
Further, advances in card technology (at least 3 different technologies are currently being marketed to industry) would, if widely implemented, render the data useless to the thief both online and at a POS, even if it is stolen from a server.
What we have seen is a cost/risk/benefit analysis that favors loss of data and the associated costs over implementing security technologies at a higher cost. Inevitably, the tides will turn as hackers continue to get better and better and industry loses and loses. Over the next year (or 2) we will begin to see these technologies implemented. But not before we see even more pain.