Friday 30 March 2007

Information Security: TJX cost of breach

27B Stroke 6 has a post, Data Breach Will Cost TJX $1.7B, Security Firm Estimates, on the possible costs to the company for a breach of their networks.

The breach compromised approximately 45,600,000 client records containing information like credit card numbers, personally identifiable information, and more.

Apparently the Black Hat was in there for a long time before someone picked up on it.

For those firms that handle personal data, if you don't already have an in-house "hackathon" to test your security, get one happening.

Hire a White Hat to try and compromise from the outside, inside, and where ever else one can discover weaknesses in your network security.

How many breaches, both corporate and government, is it going to take before our data is going to be safe? How many before we the consumer have some sort of agency with power, preferably independent, that can work on our behalf?

For those affected by the breach, get together and start a Class Action Suit! Companies have to learn, be it the hard way, that we mean business about protecting our sensitive data!

Protect yourself, subscribe to the Credit Agency's credit file monitoring services. "Loose" your credit cards once every couple of years ... the CC companies hate to have to change your cards on a regular basis. But, it changes your numbers and makes it that much harder for them to be compromised.

Beware of who you are giving your credit card information to, and never loose sight of them if it can be helped. Resteraunts are notorious for this.

Philip Elder
Microsoft Small Business Specialists

No comments: