Yawn.....Another multi-million dollar data breach - Page 2

mbpark · 01-25-2009, 07:47 PM

Bruce,

I think both, with an emphasis on lazy IT people, because systems like this are very hard to set up, and are why InfoSec people make a lot of money.

You just don't cut the budgets for this unless you're very stupid. It makes no sense.

Then again, knowing some of the middle managers I deal with in IT, nothing they do makes sense to anyone but themselves.

Mitch

Quote:

Originally Posted by xoxoxoBruce

Mitch, do you have a feeling for whether this Heartland fuck up was lazy IT people, or management cutting IT to the bone for the bottom line?

richlevy · 01-25-2009, 08:39 PM

Quote:

Originally Posted by mbpark

Then again, knowing some of the middle managers I deal with in IT, nothing they do makes sense to anyone but themselves.

The funny thing is that this is 2 years after the TJX computer intrusion, which cost that company 256 million dollars!! So with all of that history, and considering that, unlike TJX, their entire company is built around computer data, one would think that they would be hyper-secure.

Well, it appears that there is significant progress in the Heartland case. The company has created a website to inform the public. Note the use of the word unencrypted. They are not saying that PIN numbers weren't taken, just that if they were they were encrypted.

I am so glad that California and then Congress passed a law requiring notification in cases like this. Does anyone want to bet on whether TJX and Heartland would have announced the breach if they weren't forced to by law?

Quote:

No confidential merchant data, Social Security numbers, unencrypted personal identification numbers (PIN), addresses or telephone numbers were retrieved in what is believed to be a global cyber-fraud operation. Heartland does not yet know how many card numbers were obtained. Many reports in the press are speculative.

Consumers will know if their card account numbers have been used by reviewing their monthly statements. Cardholders should report suspicious activity to their issuing banks (the bank that issued the card, not the card brand). If unauthorized use is confirmed, cardholders are reimbursed for the fraudulent purchases and are not held financially responsible.

classicman · 01-25-2009, 02:54 PM

My card was not replaced. I was not notified of any breach or possible breach. Additionally, when I called there was no admission by them either.

tw · 01-25-2009, 03:39 PM

Quote:

Originally Posted by classicman

My card was not replaced. I was not notified of any breach or possible breach. Additionally, when I called there was no admission by them either.

I don't see the necessary statement, "The security of my card was breeched". Without that fact, the entire post is meaningless. How do you know a security breech of your card even existed?

xoxoxoBruce · 01-25-2009, 03:48 PM

Quote:

Originally Posted by xoxoxoBruce

Mine hasn't been replaced.

Quote:

Originally Posted by tw

I don't see the necessary statement, "The security of my card was breeched". Without that fact, the entire post is meaningless. How do you know a security breech of your card even existed?

So I suppose mine is meaningless also? And Wolf's was meaning less because she was only speculating hers was replaced because of the security breech?

tw · 01-25-2009, 10:52 PM

Quote:

Originally Posted by xoxoxoBruce

And Wolf's was meaning less because she was only speculating hers was replaced because of the security breech?

Classicman said his card was not replaced. Completely different from wolf whose card was replaced.

Wolf said a card was replaced due to a security breech. classicman suggested his card was not replaced due to no security breech. classicman is invited correct his post to make it relevant. For example, he could add the missing sentence "My card security was breeched". Obviously his post is currently ambiguous.

xoxoxoBruce · 01-25-2009, 11:10 PM

No, Wolf said her card was replace and she SUSPECTED is was because of the publicized security breach, but they wouldn't confirm it.

I said my card was not replaced after the publicized security breach.

Classic said his card was not replaced and although they wouldn't confirm whether his card was breached or not, he was assuming it wasn't because it was not replaced.

If you didn't tail post you would have know that.

classicman · 01-25-2009, 11:48 PM

1) Posted here was an apparent breach at a bank where I have a card.
2) Individual posted that their card was replaced.
3) I questioned the bank whether the apparent breach included me and why my card was not replaced.
4) Another poster jumped to conclusion due to a personal inability to comprehend and again attacked the poster not the post.

TheMercenary · 01-26-2009, 01:39 PM

Uggg. I wonder how an individual will ever know if they have had their data compromised until some damaging event occurs?

TheMercenary · 01-26-2009, 02:05 PM

Come to think of it we did get new Visa cards with new numbers, I wondered why, we have had the same number for many years. But our replacement coincided with the regular exploration dates. Maybe they are just going to do the replacement numbers as normal exploration dates come around. Maybe not to cause so much alarm or raise a flag.

01-25-2009, 02:54 PM	#3
classicman barely disguised asshole, keeper of all that is holy. Join Date: Nov 2007 Posts: 23,401	My card was not replaced. I was not notified of any breach or possible breach. Additionally, when I called there was no admission by them either. __________________ "like strapping a pillow on a bull in a china shop" Bullitt

01-25-2009, 11:10 PM	#7
xoxoxoBruce The future is unwritten Join Date: Oct 2002 Posts: 71,105	No, Wolf said her card was replace and she SUSPECTED is was because of the publicized security breach, but they wouldn't confirm it. I said my card was not replaced after the publicized security breach. Classic said his card was not replaced and although they wouldn't confirm whether his card was breached or not, he was assuming it wasn't because it was not replaced. If you didn't tail post you would have know that. __________________ The descent of man ~ Nixon, Friedman, Reagan, Trump.

01-25-2009, 11:48 PM	#8
classicman barely disguised asshole, keeper of all that is holy. Join Date: Nov 2007 Posts: 23,401	1) Posted here was an apparent breach at a bank where I have a card. 2) Individual posted that their card was replaced. 3) I questioned the bank whether the apparent breach included me and why my card was not replaced. 4) Another poster jumped to conclusion due to a personal inability to comprehend and again attacked the poster not the post. __________________ "like strapping a pillow on a bull in a china shop" Bullitt

01-26-2009, 01:39 PM	#9
TheMercenary “Hypocrisy: prejudice with a halo” Join Date: Mar 2007 Location: Savannah, Georgia Posts: 21,393	Uggg. I wonder how an individual will ever know if they have had their data compromised until some damaging event occurs? __________________ Anyone but the this most fuked up President in History in 2012!

01-26-2009, 02:05 PM	#10
TheMercenary “Hypocrisy: prejudice with a halo” Join Date: Mar 2007 Location: Savannah, Georgia Posts: 21,393	Come to think of it we did get new Visa cards with new numbers, I wondered why, we have had the same number for many years. But our replacement coincided with the regular exploration dates. Maybe they are just going to do the replacement numbers as normal exploration dates come around. Maybe not to cause so much alarm or raise a flag. __________________ Anyone but the this most fuked up President in History in 2012!

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)