We have to press the companies that need to keep non-public information to maintain adequate security. Without pressure from us, they will do the minimum to get by.
Payment Card Industry (PCI) compliance is Not Enough.
And Lifelock is reselling services that anyone can get for free.
TECHTONIC SHIFTS
The Rise of Black Market Data
Criminals who steal personal data often don't use it themselves. Instead, they put it up for sale on one of the many vibrant online markets.
Published Dec 6, 2008
From the magazine issue dated Dec 15, 2008
Member Comments
-
Posted By: Fair Witness @ 12/11/2008 3:54:04 PM
-
Posted By: spindage @ 12/15/2008 11:11:57 AM
Here's how to do what Lifelock does for free:
http://www.richerbytheday.com/2007/11/free-services-provided-by-lifelock.html
-
-
Posted By: Fair Witness @ 12/11/2008 3:50:37 PM
This problem is only getting worse as the economy continues to decline. We have to press the keepers of non-public information to maintain adequate security.
Payment Card Industry (PCI) compliance is Not Enough.
And Lifelock is reselling services that anyone can get for free.
Fair Witness-
Posted By: spindage @ 12/15/2008 11:10:22 AM
Here's how to do what Lifelock does for free:
http://www.richerbytheday.com/2007/11/free-services-provided-by-lifelock.html
-
-
Posted By: ejhilbert @ 12/11/2008 5:25:01 PM
I used to buy stolen data as part of a sting operation run by the FBI. At one point I had in my possession of 300,000 stolen credit cards and the password to a cache of 40 million. The interesting fact is that the theft of the data has limited profitability and you have to have a way to monetize the stolen data. Companies are getting more savvy to the schemes and scams utilized by identity theives so there are very few who can actually turn stolen data into sizable profit without getting caught
The booming business is a mixed blessing. It highlights that IT secuirty is highly lacking but anti identity theft measures are working
-
Posted By: slavikm @ 12/11/2008 4:47:03 PM
One of the big problems is that companies hold tons of PII and CC information in their databases even if they do not really require it for their day to day business. Even worse, those companies rarely have aging policies and good database protection tools in place. Almost all companies leave the database at the mercy of any inside administrators and developers and have no database activity monitoring in place.
Slavik
-
Posted By: newportgss @ 12/11/2008 11:47:50 AM
II'm surprised you didn't mention the recent theft of data from Express Scripts. If the reports are true it could be the largest theft of medical records to date. If this was CC info I'm sure it would be more news
-
Posted By: amy04790460 @ 12/11/2008 4:30:51 PM
I used to work for Express Scripts and they are a very lazy company. They have OSHA violations and they wouldn't verfiy my work history when I left them. Thankfully, I had all my pay stubs.
-
-
Posted By: DeborahB @ 12/11/2008 2:45:46 PM
Credit card information unfortunatly is the only information that the general media seems to think that is traded by these black market dealers.
Having LifeLock or any other of the number of "protectors of Identity" that offer services out there is only one portion of Identity Theft Prevention.
Businesses that have not looked at the Red Flag Rules will be behind the 8 ball when May1, 2009 gets here. Businesses as well as Financial Institutions need to safeguard the information that you entrust to them.
Not just your Credit card information but your Soc. Sec #, as well as Medical information, you are in databases, you never know what is out there on you, LIfelock watches your CC accounts, but what about your medical information? or your internet site you shop on? or read a news story on?
YOU need to be in charge of your information, make sure that businesses that have your information is safeguarding this information, this includes your Utility company's, Insurance Company, any place that you have an account, not just regular credit card accounts but EVERYWHERE. You need to keep informed, ASK before you give the information, ask how they will safeguard this information.
If you have already given the information to them for an account, call them ask for their current policies for safeguarding your Non-Public Information (NPI).
-
Posted By: bdick @ 12/11/2008 1:42:46 PM
Its time to find these theives and shut them down for good. If we can send a man to the moon we can find these scums.
-
Posted By: DeanChin @ 12/11/2008 1:26:35 PM
Welcome to the world of modern technologies in the 21ST century, but the dark side of human nature will never change. We
have to depend on ourselves before reaching out to others.
-
Posted By: ahesano @ 12/11/2008 1:20:21 PM
I have LifeLock and they protect my identity so I feel safe becasue of these types of incidents where my personal data is out there and lost or stolen.
Report Abuse
Enter comments if any for reporting abuse
- It's not important to be perfect here. It’s important to act Bill Clinton on health overhaulWSJ
- Dead on arrival to the Senate Sen. Lindsey Graham on House bill CBS
- We did what we promised Rep. Steny Hoyer on passing health-reform NYT
- That was easy Nancy Pelosi after passing health care bill PLTCO
- Germany unity is not yet complete Angela Merkel on Berlin Wall anniversary CNN
Discuss