"Corporation, n. An ingenious device for obtaining individual profit without individual responsibility." -Ambrose Bierce
On Wed, Jun 15, 2011 at 7:30 AM, Andrew S. Baker <[email protected]> wrote: > *>>As with Sony, one has to wonder where their priorities are with > data protection ..* > > > It's all about shareholder value, and the shareholders value profits and > dividends... > > Plus, no one expects to be caught, or exposed, so it's not a problem until > it's a problem. > > Until they suffer some real penalties (huge SEC fine, real government > oversight, significant loss of customers, jail time for someone in senior > management), there will be little change. > > > *ASB *(Professional Bio <http://about.me/Andrew.S.Baker/bio>) > Harnessing the Advantages of Technology for the SMB market... > > > > > On Wed, Jun 15, 2011 at 5:31 AM, Alan Davies <[email protected]>wrote: > >> What floors me is how sophisticated they are saying the attack is! >> Honestly, this article makes me so angry! >> >> http://www.nytimes.com/2011/06/14/technology/14security.html?_r=3 >> >> This is basic s**t! It's not APT. It's not sophisticated. It's >> complete lack of good governance and due diligence. It's a high profile >> web app with PII data that should be having significant PT work done at >> a MINIMUM of quarterly. >> >> As with Sony, one has to wonder where their priorities are with data >> protection .. >> >> >> >> a >> >> -----Original Message----- >> From: Matthew B Ames [mailto:[email protected]] >> Sent: 15 June 2011 07:24 >> To: NT System Admin Issues >> Subject: RE: [OT] Citibank worse at security than Sony >> >> As a software engineer I would feel rather guilty to develop a system >> that was that poor. I used to have a Citi credit card..... I had better >> check it is no long active. >> >> -----Original Message----- >> From: Ben Scott [mailto:[email protected]] >> Sent: 15 June 2011 04:36 >> To: NT System Admin Issues >> Subject: [OT] Citibank worse at security than Sony >> >> So... 200,000 or so Citigroup customers have had their person info >> stolen. Someone logged in to one account properly, then changed the >> account number in the URL to someone else, and the site happily served >> up that account instead. I hesitate to even call the first party an >> "attacker". Is it really an attack if the bank just leaves a pile of >> money sitting on the sidewalk and someone takes it? >> >> http://www.dailymail.co.uk/news/article-2003393/How-Citigroup-hackers-br >> oke-door-using-banks-website.html<http://www.dailymail.co.uk/news/article-2003393/How-Citigroup-hackers-broke-door-using-banks-website.html> >> >> Some banker fat cats need to go to jail for this. This is >> incompetence of the highest order. >> >> -- Ben >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to [email protected] > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
