Going into week six there has been more stories to choose from. This week I'm going to focus on story that involves a well know online brokerage firm. Seems like even well know companies
are getting breached. Online companies need a higher budget for security as
they are more likely to get attacked. This week’s blog entry will give an overview
of the story and what the company needs to do moving forward.
Scottrade was informed by the FBI that they may have been
breach around two years ago. “The system that was hacked contain Social
Security numbers, email addresses and other sensitive data” (Kirn, 2015). They
believe that people’s contact information was targeted. This would include the names and street addresses of their clients. Scottrade says that the attackers may have
been after this information because they wanted to facilitate stock scams via
spam emails (Krebs, 2015). Scottrade says their client passwords are fully
encrypted and there has not been any fraud related to the incident. They are
providing their affected customers with a free year of credit monitoring.
The question everyone should be asking is why it took two
years to discover they had been breached. Customers of Scottrade may need to
rethink if they want to keep doing business with a company that didn’t find a
breach on their network for two years. On top of that why did Scottrade have to
find out from the FBI? After reviewing the information it seems they do not
have proper security measures setup. Honestly, even if their passwords are encrypted
and none of them have seemed to be stolen, Scottrade should make all users
changed passwords for security reasons.
Not knowing how the attackers got in and took the information
it’s tough to say how this could have been prevented. Security breaches are
costing companies in the millions each year because of lax security. How much
it is going to cost Scottrade? They have to provide credit monitoring services
for about four and half million people. According to creditcard.com it can cost
10 to 15 dollars a month or 120 to 180 a year (Johnson). If you take that
number times four and a half million the total amount just for credit
monitoring services comes in at eight hundred and ten million dollars. That number is just for the credit monitoring services it may end up costing them almost a billion dollars, which
could have possibly been avoided if there had been more security in place. Part of the reason it may cost them over a billion dollars is because they will have to pay a third party forensics team and the FBI for researching the breach.
References
Kirn, J. (2015, October 8). Scottrade faces lawsuit over
security breach. Retrieved October 10, 2015, from http://www.bizjournals.com/stlouis/news/2015/10/08/scottrade-faces-lawsuit-over-security-breach.html
Krebs, B. (2015, October 2). Krebs on Security. Retrieved
October 10, 2015, from
http://krebsonsecurity.com/2015/10/scottrade-breach-hits-4-6-million-customers/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:
KrebsOnSecurity (Krebs on Security)
Johnson, A. (n.d.). Credit monitoring services: Pros, cons
and how to pick one. Retrieved October 10, 2015.
No comments:
Post a Comment