Monster breach hits South Carolina taxpayers.
Unfortunately this shouldn't come as a surprise to anyone anymore. According to the report in early September "unknown hackers "probed" agency systems, and sometime in the middle of the month, they were able to access the data that was stolen". Details related to the breach were limited to the comment that it was tied to a "server issue" by South Caroliana Department of Revenue spokesperson Samantha Cheek.
Folks, the breaches aren't stopping. We have insecure wireless networks, servers, code and sloppy employees out there. We've got journalists and CEOs pushing BYOD (bring your own device) and cloud technologies. The "cool kids" are all over implementing these new ideas. It's likely we still have folks with unencrypted tapes and computers sitting in their vehicles. Wake up folks! We are not ready to bring our own devices! It's clear that the criminals are more persistent than the industry.
Something has got to change.
Can we MAKE programmers write more secure code? Secure the networks? Quit buying equipment from foreign companies who insert backdoors and insecure code? How about that cloud? Is your information hosted in a country where privacy laws allow them to access the data you think is secure?
Social security data is the basis for critical functions for Americans. Our social security number is the identifying number that is used to store our credit score, social security eligibility, health records (in many cases), tax records, as well as a host of other important data.
What can we do to protect ourselves?!! Clearly consumers cannot secure the data center or the programming running systems. We can freeze our consumer credit (Equifax, TransUnion and Experian), stop using credit or isolate ourselves from society by living in a cave. It's a lot of trouble to freeze your credit if you want to buy anything. Most people couldn't live without some type of credit and living in a cave is not going to work for most folks.
Obviously the solution is to ensure equipment, software and people do the right thing for existing and future equipment. The other solution is to increase the scrutiny used when approving loans, credit cards or anything else used to modify or use information tied to social security numbers and associated personal information.
Do you hear me Dell? Don't send a TV out when some yayhoo opens up a credit card and buys a $5,000 TV without scrutinizing the request. Put additional checks and balances into the equation. Weeks later you find out that the television went to someone other than the person it was billed to. The system ain't workin'.
I'm still a paranoid consumer and I hope you are too. I want to see more scrutiny out there folks!
No comments:
Post a Comment