ISR News: Avivah Litan - “Visa’s next…?”
Excerpts From Pin Payments Blog
Now, with 3 processor/acquirer breaches in 3 months, it appears she’s the Nostradamus of the financial transaction world. So when one of her “quatrains” predict that “Visa’s next…” I, for one, wouldn’t write that off as being overly cautious (or pessimistic). HomeATM CEO, Ken Mages, (who’s also a “see-er) saw the same writing on the wall years ago. Difference is, he’s was in a position to, (and has already done) something about it. Ms. Litan states that Visa needs to start seeing the same thing…or they’re next.
ISR News: Anatomy of a Data Breach
Excerpts From BankInfoSecurity.com
“Once the intruder is on the network and able to move around, there is oftentimes a system of downloading hacker tools, and the tools do a couple of different things. Sometimes they go and look at passwords or try to find passwords, and sometimes they are simply devices to capture sensitive information and maybe store it in a certain file somewhere on the network. And then lastly there is another series of hacker tools that are downloaded and installed and the point they have, the purpose of being used to export the sensitive information over the internet through remote computers that the intruder controls. Sometimes the export occurs over an extended period of time.”
There is No Delight in Being Right
By Laura Wilson, Information-Security-Resources.com Corporate Liability Editor
We take no delight in having been right on these issues, because the filing of this kind of suit confirms that a significant breach has occurred, and many people have been harmed. We prefer that security gaps be identified and addressed before there is a crash. My prediction is that other companies will be involved. This does not let Heartland off the hook for whatever lapses they may have made, but my bet is that there are other weak links in the data access chain that connects to Heartland; that is, there may be joint causes and multiple weak links involved in this breach.
ISR News: NSA Should Oversee InfoSec
Excerpts By Blog.Wired.com’s Kim Zetter
Despite the fact that many Americans distrust the National Security Agency for its role in the Bush Administration’s warrantless wiretapping program, the agency should be entrusted with securing the nation’s telecommunications networks and other cyber infrastructures, President Obama’s director of national intelligence told Congress on Wednesday.
Recession Leads to More Cyber-Scams
Excerpts From InsideSelfStorage.com
Cyber-scams have been a problem since the Internet’s conception. But with the economic recession, the number of scams is on the rise. Experts and law-enforcement officials who track Internet crime say scams have intensified in the past six months, as fraudsters take advantage of economic confusion and anxiety to target both consumers and businesses.
FDIC Q4 2008 Graphs Show No Bottom
Source: FDIC.gov
Insured banks and thrifts set aside $69.3 billion in provisions for loan and lease losses during the fourth quarter, more than twice the $32.1 billion that they set aside in the fourth quarter of 2007. Loss provisions represented 50.2 percent of the industry’s net operating revenue (net interest income plus total noninterest income), the highest proportion since the second quarter of 1987 when provisions absorbed 53.2 percent of net operating revenue. As in the fourth quarter of 2007, a few institutions reported unusually large trading losses, while others took substantial charges for impairment of goodwill.
Heartland Suit Alleges “Inadequate” Security
Source: Law Offices of Howard G. Smith
The investigation focuses on allegations that statements made by the Company during that period were false and misleading and failed to disclose or indicate, among other things, that: (1) the Company’s safety and security measures designed to protect consumers’ financial records and data from security breaches were inadequate and ineffective; (2) the Company faced liabilities associated with a breach of the Company’s payment processing network and increasing costs associated with implementing appropriate security measures; and (3) as a result of a breach in the Company’s payment processing network, the Company was at risk of losing customers.
Heartland CEO Now Under SEC Investigation
By Anthony M. Freed, Information-Security-Resources.com Financial Editor
“The investigation may relate to stock trades made by Heartland Chairman and CEO Robert Carr after Visa notified Heartland of suspicious activity on Oct. 28, 2008. According to insider trade filings, Carr sold just under US$8 million worth of stock between Oct. 29 and the day the breach was disclosed. Heartland’s stock was trading in the $15-to-$20 range for most of these transactions, but it dropped following the breach disclosure. It closed Wednesday at $5.49.”
ISR News: Internet Records Law Proposed
Excerpts From CNET.com
Republican politicians on Thursday called for a sweeping new federal law that would require all Internet providers and operators of millions of Wi-Fi access points, even hotels, local coffee shops, and home users, to keep records about users for two years to aid police investigations.
ISR News: FTC Slams On-Line Payday Loans
From The Federal Trade Commission:
According to the FTC’s complaint, the companies offered loans of $500 or less within 24 hours without requiring a credit check, proof of income, or documentation. Consumers were told that they qualified for a loan that had to be repaid by their next payday with a fee ranging from $35 to $80, and that if the loan was not repaid by then, it would be extended automatically for an extra fee that would be debited from the consumer’s bank account “until the loan is repaid.”
