Posts Tagged: "hacked"

Regulations will likely start rolling out in the coming year starting at the state level. In May of last year, for example, the New York State Department of Financial Services released a report which said that the agency would add cybersecurity measures to the list of items that it investigates when evaluating a bank’s overall safety and soundness. New York, and New York City in particular, is home to a huge banking industry that represents some of our nation’s largest financial institutions, including American Express, JPMorgan Chase, Goldman Sachs and Merrill Lynch. According to remarks made by NYS DFS Superintendent Benjamin Lawsky in late February, state regulations could involve the use of multi-layer authentication systems for firms regulated by the DFS.

Home Depot may be the latest and largest breach to become news, but it’s certainly not the only one and hacking activity seems to be ramping up in the past few months. Malicious software known as Backoff, responsible for the Target breach, has also been identified as a potential culprit in recent breaches at Dairy Queen, Supervalu and United Parcel Service. Law enforcement officials have theorized that an Eastern European group may be responsible for a majority of these breaches because of links to Ukraine in the malware’s code… [R]ecent data breaches at major corporations have agitated some financial technology developers to look for more secure options for conducting transactions without cash. Many are touting a new wave of debit and credit cards which have microchips that improve data security as a possible answer.

Identity theft, and the various cyber attacks undertaken to accomplish this crime, are somewhat related to infringements of intellectual properties that we cover here at IPWatchdog. The top asset that any company has is their good name, and much like a trademark that has become compromised, it’s very difficult for an individual to fix misappropriation of their identity even when it’s the fault of a malicious hacker. But as deeply troubling as it is for individuals to have their identity stolen it can be equally crippling for the businesses who allow for sensitive personal information to be taken by nefarious actors. Most businesses simply cannot afford to have their good business name associated with a cyber attack.

How is it possible that no one is going to jail for this? How is it possible that there were no fines levied by the FTC? According to the FTC’s complaint, Aaron’s franchisees used the software, which surreptitiously tracked consumers’ locations, captured images through the computers’ webcams – including those of adults engaged in intimate activities – and activated keyloggers that captured users’ login credentials for email accounts and financial and social media sites. Under the terms of the proposed consent agreement with the FTC, Aaron’s will be prohibited from using monitoring technology that captures keystrokes or screenshots, or activates the camera or microphone on a consumer’s computer, except to provide technical support requested by the consumer.

Essentially what it sounds like is that by getting you to sign into your twitter account, the scammers are able to look for patterns between the accounts you sign into using a form of spyware. If you use the same or similar passwords on websites of different kinds, chances are you are using the same or similar login for all of your accounts.