RE: [ISN] 13,000 Credit Reports Stolen by Hackers

From: InfoSec News (isnat_private)
Date: Tue May 21 2002 - 02:25:23 PDT

Next message: InfoSec News: "[ISN] Its Creator Says Kazaa Benjamin Worm Means Well"

Previous message: InfoSec News: "[ISN] Alert issued for China's next cyber attack"
Maybe in reply to: InfoSec News: "[ISN] 13,000 Credit Reports Stolen by Hackers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Forwarded from: Joe Klein <jskleinat_private>

As with many 'hacks', there are two parties involved. The first party
left the 'door open and unlocked' and the second walked through the
open door to steal the property.

The first party in this case is the management of the company. This
management has a fiduciary duty to protect the assets of the company,
including its data.  Lately, it appears that many companies have
decided that it's easer to blame the hacker then perform their "Due
Diligence".

Until the management of companies "are held responsible",
unfortunately, this trend in hacking will continue.


-----Original Message-----
From: owner-isnat_private [mailto:owner-isnat_private] On Behalf
Of InfoSec News
Sent: Monday, May 20, 2002 6:23 AM
To: isnat_private
Subject: [ISN] 13,000 Credit Reports Stolen by Hackers 

http://www.nytimes.com/2002/05/17/technology/17IDEN.htm

By JOHN SCHWARTZ
May 17, 2002

Hackers posing as employees of the Ford Motor Credit Company have in 
recent months harvested a trove of 13,000 credit reports - a virtual 
one-stop shop for fraud and identity theft - with data on consumers in 
affluent neighborhoods across the country.

The company said in a letter to the victims that computer intruders 
used an authorization code from Ford Credit to get the credit reports 
from Experian, one of three major reporting agencies.

"I've never seen anything of this size," a spokesman for Experian, 
Donald Girard, said. "Privacy is the hallmark of our business. We're 
extraordinarily concerned about the privacy issue here, and the trust 
factor."

The inquiries gave the intruders access to each victim's personal and 
financial information, including address, Social Security number, bank 
and credit card accounts and ratings of creditworthiness, which can be 
used to identify the best targets.

"This is not just a credit card number; this is the whole kazoo," said 
Richard Power, the editorial director for the Computer Security 
Institute, an industry trade group. A criminal could use the data to 
make credit card charges or even open bank and credit card accounts in 
the victim's name. 



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn'
in the BODY of the mail.

Next message: InfoSec News: "[ISN] Its Creator Says Kazaa Benjamin Worm Means Well"
Previous message: InfoSec News: "[ISN] Alert issued for China's next cyber attack"
Maybe in reply to: InfoSec News: "[ISN] 13,000 Credit Reports Stolen by Hackers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue May 21 2002 - 05:04:06 PDT