Now, it's Target that has been - well - targeted by hackers, who hit the jackpot: 40 million accounts, including not only customer names, but credit and debit card information as well, including the expiry date and the CVV security code - all that is required to use it in fraudulent operations.
I sincerely can't believe why companies like these (who should do a lot better about their customers' data security) don't keep such data compartmentalized, and at the very least encrypted in order to make it harder for hackers to use them (a per user strong encryption key, and restricted access credit card information server - accessible only via a secure service; etc.)
If I'm not an expert on security and I can think of this, would it be too much to ask for any company keeping user data to do the same? At the very least do a security audit to ensure their data is minimally well protected and follows the "good practice" security rules.
... It gets increasingly difficult to trust any company to keep our data in a secure manner...
No comments:
Post a Comment