Fidelity National suffered the ultimate insider theft when an IT staffer sold about 2.3 million customer records to a marketing firm. But it’s the low-tech way this techie did it that makes it interesting.

When Fidelity National Information Services this week announced that about 2.3 million customer records had been illegally sold to a group of direct marketers, most media overlooked the most interesting part.

Some quick background. The Fidelity National we’re talking about is a Jacksonville, Fla., firm that owns a company called Certegy Check Services Inc.. Certegy is mostly in the check authorization business and it tracks bank account information so that can help retailers whether it’s wise to accept a particular check. The company says it also handles some credit card information “to assist casinos in providing their customers with access to funds.”
Full article…

Comments: No Comments

Often transmitting unencrypted confidential customer data over weakly-protected connections, retailers risk privacy and create backdoors for cyber thieves. And yet, no one’s giving the merchants much of a choice.

When retailers make changes to any system that might impact credit-card processing—be it point-of-sale upgrades, OS patches, database changes, connection improvements, etc.—it needs to be tested.
Full article…

Comments: No Comments

Making it unanimous thus far, two federal judges have denied key motions in the lawsuits against retailers accused of violating federal law by printing prohibited information on credit card receipts. This is on top of a third federal judge making a similar ruling earlier this month.

Unless the U.S, Court of Appeals for the Ninth Circuit intervenes early next year, retailers who have been sued for printing federally-prohibited information on consumer credit card receipts will almost certainly get off the hook. This is because of decisions from two federal judges this week rejecting a critical class-action certification request from the consumers suing the retailers.
Full article…

Comments: 1 Comment

The Blink Of An Eye

Most users are well aware that they should back up their data on a regular basis. Some are fortunate in that they are aware simply from information they have read, or anecdotal stories told 3rd-hand. Many, however, have suffered the consequences of failing to back up data first hand, perhaps losing priceless family photos or irreplaceable financial data in the process.

Maybe those victims of data loss had it on their “to-do” list. They planned to back up very soon…as soon as they could find the time. In the blink of an eye, the data is gone. It could be a hard drive crash, a flood, a fire, or any number of unpredictable tragedies. Regardless of how it happens, your data will be gone unless you have taken precautions ahead of time.
Full article…

Comments: 5 Comments

Somebody is Watching You

How would you feel if there were someone following your every move and keeping a written record of everywhere you go? Would it concern you that someone knew you were at the book store this morning for 2 hours and 13 minutes and that you bought 2 books and a large coffee? How about if they knew that after you left the book store you saw a movie, where you had a large popcorn, and then you went home to watch Seinfeld reruns and eat cold leftovers from your refrigerator?
Full article…

Comments: 6 Comments

Over the last couple of days there have been rumors whether the massive breach at TJX might have been an “inside-job”. This is probably fueled by the fact that the attacker apparently had access to the crypto keys within TJX’s data center. Whether it was an inside-job or not, doesn’t really matter at this point.
Full article…

Comments: 1 Comment