Big Names Still Recording Major Breaches
A lot of people are writing up IBM's latest X-Force Threat Insight report, as the paper presents a stark portrait of continued malware acceleration, rootkit activity and general cyber-crime mayhem that has surfaced over the last month alone.
But one of the less-reported and more interesting aspects of the research report is its list of major security/data breaches that have occurred since the end of June.
There was a time when nearly every major breach garnered ink, but as audiences have become increasingly de-sensitized to the incidents over time, based mostly on their volume and unbending frequency, the media has stopped its highlighting of all but the most incredible of the attacks and accidents (hello TJX Companies!).
However, lest anyone should think that serious incidents are not still occurring on a regular basis at organizations of all sizes, shapes and business models, one look at the IBM list reveals that the last month produced some fairly diverse and noteworthy events.
And according to IBM researchers, the incidents are being carried out and/or caused by a number of different methods and factors.
"In addition to the loss or misplacement of information, corporations and individuals are at risk to exposure via malware, hacking, phishing attacks and various social engineering tactics," the company said in its report. "There are also non-cyber related methods such as stealing mail, dumpster-diving or obtaining information from employees or stolen records."
Here's IBM's list of major security events that have taken place since June:
At deep-pocketed Citibank: a server that processes ATM withdrawals was breached. The incident resulted in hundreds of fraudulent withdrawals from New York City ATM machines.
ATM-related incidents always seem ideal. No fence or middleman needed. Free money!
Cotton Traders apparently got fleeced in: an attack against the company's Web site that compromised the credit card details of as many as 38,000 customers.
I'm noticing a common thread here. Ouch.
Oy! At the Scottish Ambulance Service: a disc containing the records of close to 900,000 emergency calls, including the name and addresses of patients has "gone missing."
Gone missing? Is IBM quoting the directly from the Scottish crime report?
Within the vaunted halls of Stanford University: a laptop containing sensitive information, including faculty members', staffers' and students' names, addresses, Social Security numbers, birth dates, university ID and employee numbers was stolen, potentially compromising 72,000 records.
Really, there aren't too many school that could/would/should be more embarrassed about this, right? No security love from the alumni? No free consulting? All the goods were stored on ONE laptop people? MIT grads are laughing somewhere.
At the recently-reaffirmed top party school in the U.S., the University of Florida: the sensitive information, including Social Security numbers, names and addresses of 11,000 current and former students was posted online.
OK, that's decidedly less surprising, but I'm pretty sure they've also got a better football team than Stanford... and parties.
And at the University of Utah Hospital: some 2.2 million billing records containing the personal information of patients from the past 16 years have been stolen.
I cannot think of a single thing to associate with UUH. UUH? 2.2 million! UUH! UUH!
So, it's still happening left and right. To big organizations with a lot of time and money to spend on security, or who themselves trained some of the most prolific IT security experts in the field today.
And at the Scottish Ambulance Service -- imagine being that CSO, that poor git.
He looks like a half shut knife!
Matt Hines has been following the IT industry for over a decade as a reporter and blogger, and has been specifically focused on the secuity space since 2003, including a previous stint writing for eWeek and contributing to the Security Watch blog. Hines is currently employed as marketing communications manager at Core Security Technologies, a Boston-based maker of security testing software. The views expressed herein do not necessarily represent the views of Core Security, and neither the company, nor its products and services will be actively discussed in the blog. Please send news, research or tips to SecurityWatchBlog@gmail.com.