Reconnex Alert: Largest Identity Theft Security Breach to Date Could Affect Up to 40 Million Consumers
| Incident: 40 Million Exposed in Recent Security Breach |
A security breach at CardSystems Solutions, a company that processes transactions for merchants could affect as many as 40 million credit card holders in the single largest reported breach of consumer data to date.
| How it Happened |
While the FBI is still investigating the breach, experts believe an unauthorized individual was able to infiltrate CardSystems’ network and access cardholder data using a virus-like computer script that captured customer data.
CardSystems’ officials said they first noticed a potential security breach on May 22 and contacted the FBI a day later. Visa, MasterCard, and other companies were notified as CardSystems brought in third-party security experts to review their systems. In an effort to protect their customers, MasterCard International was the first to announce the breach on June 17 th, 2005 reporting only a small fraction – about 68,000 of their customers – are at risk. MasterCard is now asking Congress to extend the Gramm-Leach-Bliley Act consumer protection provisions to include all entities, such as third-party processors like CardSystems that store consumer financial information.
| How Reconnex Could Have Helped |
Reconnex’s hardware-based content monitoring systems are the first information security technology capable of monitoring customer private data, such as credit card numbers, as they flow over the network and can look for executable computer scripts like the one used by the CardSystem hacker to show exactly what data was compromised. Using forensic capabilities of the Reconnex system, investigators would be able to recreate the scene of the crime immediately and provide investigators with the actual customer records the hacker used to track the suspects down immediately, allowing companies to quickly remediate the situation.
| What the Experts are Saying |
"Even the most secure companies are at risk," said Donald J. Massaro, CEO Reconnex Corporation. "To avoid breaches, all companies need to vigilantly monitor the sensitive customer private data that leaves their network. Just like the Y2K upgrade, companies should be required to upgrade their network security infrastructure to include content-monitoring appliances that monitor customer-sensitive data."
"‘Consumers’ personal and financial data has become the gold of the 21 st century, and we need to protect it accordingly,’ said Sen. Charles Schumer (D-NY), who has co-authored a bill that would require companies to take additional steps to curb data theft. The bill would also create standards for companies handling sensitive personal data." Reported at ConsumerAffairs.com http://www.consumeraffairs.com/news04/2005/cardsystems.html
| Expert Resources Available |
If you are currently seeking comment from technology, legal, or information security experts regarding the CardSystems security breach, Reconnex can offer the following resources:
- Donald J. Massaro, CEO Reconnex – Reconnex provides Fortune 1000 companies an appliance-based internal network security platform that analyzes, identifies, and registers both known and unknown electronic data risks. Massaro has over 30 years of experience working with and running successful Silicon Valley security startups and can offer insight into the technology now available to detect and remediate these data breaches.
- David Kramer, partner at Wilson Sonsini Goodrich & Rosati – Kramer specializes in Internet-related litigation and counseling, with a focus on privacy and intellectual property matters.
To speak with any of the aforementioned resources, please contact Robb Henshaw at Engage PR at (510) 748-8200 ext. 217 or on his mobile at (925) 639-0364.
| About Reconnex Corp. |
Reconnex is the leading provider of enterprise risk management (ERM) systems that reveal compliance risks, competitive risks, corporate governance risks and critical infrastructure risks. Reconnex has enabled Fortune 1000 companies and government organizations to protect their brand, shareholder value and mission critical operations by revealing hidden risks in the first 48 hours of deployment. Without exception, every deployment has enabled these organizations to quickly remediate the risks that could have damaged or destroyed their organization.
Give us two days, you’ll know™. Call Reconnex today at 1-866-940-4590 or visit us on the web at www.reconnex.net.
