Re: Washington Post: 40 Million Credit Card #s Hacked

Sat, 18 Jun 2005 08:02:05 -0700 

Timothy Sipples wrote:
Saturday's Washington Post reports on the woes of CardSystems in Tucson, a credit card processor. A hacker got access to 40 million credit cards. MasterCard, Visa, and the FBI are not amused. The article briefly alludes to how the attack succeeded: 


 
http://www.washingtonpost.com/wp-dyn/content/article/2005/06/17/AR2005061701031.html



According to http://www.cardsystems.com/careers.html (the recruiting page 
for the company), CardSystems has the following types of systems 
installed:


        Microsoft .NET (and Windows servers)
        Oracle databases
        VMS


Not a single mention of an IBM zSeries system, RACF, CICS, or IMS in all 
its job recruiting pages.  Which is really too bad, because if they had 
been processing credit cards through those systems, chances are that 
hacker wouldn't be having as much "fun" right now.



Now, that's not to suggest anyone should rest comfortably.  We all face 
threats like these, and this is no time to get cocky.  But, really, isn't 
it best to start with the right tools for the job, to mitigate the risks? 
CardSystems will no doubt have some dark weeks and months ahead, and 
they'll now have to compete against companies that do use zSeries-based 
technologies for processing credit cards.  (FISERV and Fidelity come to 
mind.)  Maybe more IT people need to reassess what works, and business 
managers need to carefully evaluate IT risk.  As technology becomes ever 
more ingrained in business operations, what are the true costs of security 
breaches and outages?  What systems and software fail less?  Are most 
resistant to security breaches?  And who are the talented IT people than 
can address these concerns?


[Speaking for myself.]


Right. And IBM has done the worst job of speaking up.

I sometimes think the folks in Armonk sit around and
chuckle, "Yes, yes, it's going just like we planned!"

After all, if they can get everyone to move off z/OS
but still use mainframes to run Linux, they can get
rid of those expensive software development and
support costs. And, of course, services are where
the biggest profit margins are. "It's nothing personal,
guys, it's just business."

Kind regards,

-Steve Comstock

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html






















					Reply via email to