August 09, 2011, 12:00 AM —
These companies that are hiring so-called 'security' professionals are just hurting themselves. The hacking will continue to expose these gaping security holes.
A division of CitiGroup in Japan announced hackers had stolen personal information on more than 92,000 customers, according to a story in Japan Times.
Citi Cards Japan, Inc. announced customer names, addresses and credit card numbers may have been taken, though the company is unsure of exactly what data the hackers were able to get. So far there have been no unauthorized uses of the account numbers.
Japan Times quoted an unnamed source as saying someone at a third-party service business Citi Cards hired to handle part of its transaction volume, took the information and sold it.
CitiGroup said the theft is unrelated to another hack in June in which hackers stole credit card numbers from its web site by playing with the content of URLs and managed to post fraudulent charges to the tune of about $2.7 million from 3,400 accounts. Information was taken from about 360,000 accounts.
The two attacks are dissimilar in that one involved a mysterious group of criminal masterminds who figured out how to make their browsers go up one level in the file hierarchy on Citi's servers and then started guessing at account numbers. The other involved some guy copying off a bunch of data from his work computer and walking off with it.
Neither was The Thomas Crown Affair.
Neither was some ape throwing a brick through a window to grab whatever was on the other side, either.
Both jobs required a slightly higher order of primate – a computer-literate grifter, of which there are many, not a genius hacker, of which there are few.