New CitiGroup hack shows security 'experts' preaching calm should cut it out

Quality of exploits isn't keeping up with expectations of experts, but quanity has a quality all its own

By  

Good money after bad
These companies that are hiring so-called 'security' professionals are just hurting themselves. The hacking will continue to expose these gaping security holes.

ITworld Facebook fan James Sloat | What's your take?

A division of CitiGroup in Japan announced hackers had stolen personal information on more than 92,000 customers, according to a story in Japan Times.

Citi Cards Japan, Inc. announced customer names, addresses and credit card numbers may have been taken, though the company is unsure of exactly what data the hackers were able to get. So far there have been no unauthorized uses of the account numbers.

Japan Times quoted an unnamed source as saying someone at a third-party service business Citi Cards hired to handle part of its transaction volume, took the information and sold it.

[Citigroup data breach shows why we need fed rules to protect personal data online and Will hackers have to step up their game to keep our attention?]

CitiGroup said the theft is unrelated to another hack in June in which hackers stole credit card numbers from its web site by playing with the content of URLs and managed to post fraudulent charges to the tune of about $2.7 million from 3,400 accounts. Information was taken from about 360,000 accounts.

The two attacks are dissimilar in that one involved a mysterious group of criminal masterminds who figured out how to make their browsers go up one level in the file hierarchy on Citi's servers and then started guessing at account numbers. The other involved some guy copying off a bunch of data from his work computer and walking off with it.

Neither was The Thomas Crown Affair.

Neither was some ape throwing a brick through a window to grab whatever was on the other side, either.

Both jobs required a slightly higher order of primate – a computer-literate grifter, of which there are many, not a genius hacker, of which there are few.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question