Slashdot Mirror

← Back to Stories (view on slashdot.org)

Has the Data Security Problem Become an Epidemic?

Posted by Cliff on from the so-much-for-privacy dept.

telstar asks: "Lately, it seems like an almost weekly occurrence: confidential customer data is exposed online, despite the assurance that security measures were in place to prevent such a problem. ChoicePoint Inc., LexisNexis, and DSW Inc. were all victims of online security breaches. Ameritrade and Bank of America both admitted lost physical data tapes containing confidential client account information. Recently, Carnegie Mellon notified 19,000 students, alumni, faculty and staff that their confidential information may have been compromised. An April 2005 GAO report found that though the IRS is making progress fixing security holes in systems that it operates, they aren't keeping pace with new vulnerabilities, risking exposure of sensitive financial data of the taxpaying population of the country. To top things off, these are only the cases that we're aware of, which begs the question of how many security breaches have gone unnoticed, or unannounced. What about companies like Google? As they expand their service offerings with GMail and Google Search History, where they are increasingly responsible for retaining client data, will they become a bigger target for attackers? This is the problem. What is the solution? Are there any tips for people to help protect their identity and confidential financial information? What firms go above and beyond the call of duty to ensure that their client data is secure?"

5 of 75 comments (clear)

  1. Write State Senators by justanyone · · Score: 4, Insightful

    Write your state senators and legislators and urge adoption of california style laws that require companies to notify their customers if any private data is compromised.

    Illinois does not have a law, and it should.

    From what I understand, the main reason we're hearing more about these data intrusions is the California law now mandates such disclosures.

    --
    Unitarian Church: Freethinkers Congregate!
  2. Some of it is legal by MerlynEmrys67 · · Score: 3, Insightful
    Companies are now legally required to publically disclose breaches... 5 years ago there was no such requirement - so they didn't bother.

    That said - the cracker population is getting significantly more sophisticated with more resources available to them (think a zombie network for solving distributed problems rather than simply launching a DDoS).

    Online is a scary place to be isn't it ?

    --
    I have mod points and I am not afraid to use them
  3. No by Safety+Cap · · Score: 4, Insightful
    Data security is no more an epidemic than "terrorism" is. You're just hearing about it more, thanks to the disclosure laws in Cali, et. al.

    Compare with people who watch Faux News: they're convinced that Osama is on the verge of attacking BFE, ND, and we're also winning the war in Iraq.

    --
    Yeah, right.
  4. If it's worthless they won't steal it by vandezuma · · Score: 4, Insightful

    As I read in some article a few weeks ago (not sure if it was /. or not), if companies made their authentication processes more stringent, data like SSN's and names and addresses wouldn't be so valuable any more. The problem is that you can get access to so many things with just basic contact info and a SSN.

    --
    "That is the saving grace of humor, if you fail no one is laughing at you." -A. Whitney Brown
  5. Comment removed by account_deleted · · Score: 3, Insightful

    Comment removed based on user account deletion