Sadly, I concur.
*ASB *(Professional Bio <http://about.me/Andrew.S.Baker/bio>) Harnessing the Advantages of Technology for the SMB market... On Wed, Jun 15, 2011 at 10:55 AM, Free, Bob <[email protected]> wrote: > > Plus, no one expects to be caught, or exposed, so it's not a problem until > it's a problem. > > > > Indeed > > > > > Until they suffer some real penalties (huge SEC fine, real government > > oversight, significant loss of customers, jail time for someone in senior > > management), there will be little change. > > > > If recent history is any indicator, they will get a big bailout for their > malfeasance, any indiscretions will be ignored by regulators, they will pat > themselves on the back with huge bonuses for weathering the storm, and the > consumer will be left holding the bag. > > > > > > *From:* Andrew S. Baker [mailto:[email protected]] > *Sent:* Wednesday, June 15, 2011 4:31 AM > > *To:* NT System Admin Issues > *Subject:* Re: [OT] Citibank worse at security than Sony > > > > *>>**As with Sony, one has to wonder where their priorities are with > data protection ..* > > > > It's all about shareholder value, and the shareholders value profits and > dividends... > > Plus, no one expects to be caught, or exposed, so it's not a problem until > it's a problem. > > Until they suffer some real penalties (huge SEC fine, real government > oversight, significant loss of customers, jail time for someone in senior > management), there will be little change. > > > > *ASB *(Professional Bio <http://about.me/Andrew.S.Baker/bio>) > *Harnessing the Advantages of Technology for the SMB market...* > > > > On Wed, Jun 15, 2011 at 5:31 AM, Alan Davies <[email protected]> > wrote: > > What floors me is how sophisticated they are saying the attack is! > Honestly, this article makes me so angry! > > http://www.nytimes.com/2011/06/14/technology/14security.html?_r=3 > > This is basic s**t! It's not APT. It's not sophisticated. It's > complete lack of good governance and due diligence. It's a high profile > web app with PII data that should be having significant PT work done at > a MINIMUM of quarterly. > > As with Sony, one has to wonder where their priorities are with data > protection .. > > > > a > > > -----Original Message----- > From: Matthew B Ames [mailto:[email protected]] > Sent: 15 June 2011 07:24 > To: NT System Admin Issues > > Subject: RE: [OT] Citibank worse at security than Sony > > As a software engineer I would feel rather guilty to develop a system > that was that poor. I used to have a Citi credit card..... I had better > check it is no long active. > > -----Original Message----- > From: Ben Scott [mailto:[email protected]] > Sent: 15 June 2011 04:36 > To: NT System Admin Issues > Subject: [OT] Citibank worse at security than Sony > > So... 200,000 or so Citigroup customers have had their person info > stolen. Someone logged in to one account properly, then changed the > account number in the URL to someone else, and the site happily served > up that account instead. I hesitate to even call the first party an > "attacker". Is it really an attack if the bank just leaves a pile of > money sitting on the sidewalk and someone takes it? > > http://www.dailymail.co.uk/news/article-2003393/How-Citigroup-hackers-br > oke-door-using-banks-website.html > > Some banker fat cats need to go to jail for this. This is > incompetence of the highest order. > > -- Ben > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
