Thursday, December 19, 2013

40 million of Target accounts stolen

Not a single day goes by without a new incident of a big company letting their customers data be stolen from their servers - and worse still, it shows us just how poorly these companies keep our data safe (or at least, "safer").

Now, it's Target that has been - well - targeted by hackers, who hit the jackpot: 40 million accounts, including not only customer names, but credit and debit card information as well, including the expiry date and the CVV security code - all that is required to use it in fraudulent operations.

I sincerely can't believe why companies like these (who should do a lot better about their customers' data security) don't keep such data compartmentalized, and at the very least encrypted in order to make it harder for hackers to use them (a per user strong encryption key, and restricted access credit card information server - accessible only via a secure service; etc.)

If I'm not an expert on security and I can think of this, would it be too much to ask for any company keeping user data to do the same? At the very least do a security audit to ensure their data is minimally well protected and follows the "good practice" security rules.

... It gets increasingly difficult to trust any company to keep our data in a secure manner...

No comments:

Post a Comment

Related Posts with Thumbnails

Amazon Store