If you haven’t read this story in the Washington Post, it’s worth a quick read.
It went something like this:
-A small group of hackers sent out a bunch of porn spam with a virus/keylogger attached.
-A police officer opened one of the emails, and then subsequently logged onto Seisint, a LexisNexis subsidiary. Of course, the keylogger was on the system and everything the officer did was recorded.
Then:
“The young hacker said the group members then created a series of sub-accounts using the police department’s name and billing information. Over several days, the hacker said the group looked up thousands of names in the database, including friends and celebrities. The law enforcement source said the group eventually began selling Social Security numbers and other sensitive consumer information to a ring of identity thieves in California. washingtonpost.com has not been able to reach the young source to seek comment about the sale of personal information.”
Then check this out:
“LexisNexis disclosed on March 9 that records on 32,000 individuals were downloaded by an unknown person or persons who gained access to the company’s database using compromised user accounts. A month later, the company said it determined that 310,000 personal records had been accessed over a series of weeks…
What’s the lesson? This is basic security!! Everything that could have stopped this attack is commercially available and not even that expensive. A friggin free desktop firewall with inbound and outband protection would have obviated most, if not all of the breach. Layer that with a good AV with robust attachment filters.
Then throw in some employee training about social engineering (i.e. “don’t open attachments unless they are from a trusted, known source that you know is supposed to be sending something”, etc.).
Alex Eckelberry
(Thanks to BeSpecific)
Striking blog. I liked the site I will be back
again! Websurfing is a good way to find blogs like
yours.
Hey son, you need to check out my plastic surgery picture blog!
Powerful blog. The site was incredible and will be
back again! Web surfing helps to find good blogs like
this one.
Come as you are and look at my plastic surgery breast augmentation blog.
Incredible blog. I admired your site and I will be
back once again to view it! I use much of my spare
time searching for blogs like yours.
I will give you access to jump to my plastic surgery colorado blog.
Awesome blog. I’m loving the site and I have to
return there soon! Going online, when I have the time,
I look for blogs close to your work!
Please proceed to my united cash advance blog when you find the time.