U.S. CitiesCity-Data Forum Index
Go Back   City-Data Forum > General Forums > Science and Technology
 [Register]
Please register to participate in our discussions with 2 million other members - it's free and quick! Some forums can only be seen by registered members. After you create your account, you'll be able to customize options and access all our 15,000 new posts/day with fewer ads.
View detailed profile (Advanced) or search
site with Google Custom Search

Search Forums  (Advanced)
Reply Start New Thread
 
Old 11-07-2014, 12:20 AM
 
6,323 posts, read 8,662,993 times
Reputation: 2674

Advertisements

Home Depot hackers stole 53 million emails, too - Nov. 6, 2014


Survey: Nearly half of cardholders likely to avoid hacked retailers - News - 1450 WHTC Holland's News Leader


What's the solution to this? There doesn't seem to be anything full proof for preventing this.
Reply With Quote Quick reply to this message

 
Old 11-07-2014, 06:28 AM
Bo Bo won $500 in our forum's Most Engaging Poster Contest - Tenth Edition (Apr-May 2014). 

Over $104,000 in prizes has already been given out to active posters on our forum and additional contests are planned
 
Location: Ohio
16,431 posts, read 32,261,708 times
Reputation: 12740
Most online security is reactive, plugging holes as they are discovered. Whereas, hackers derive their livelihood from finding and exploiting security holes. They're always going to be one step ahead, because their livelihood depends on it.

As a consumer, all you can do is hope that the companies you do business with are doing everything they can to plug the security holes that the world knows about and to detect as quickly as possible the ones that they don't know about yet.
Reply With Quote Quick reply to this message
 
Old 11-07-2014, 07:21 AM
 
Location: HoCo, MD
3,918 posts, read 7,565,760 times
Reputation: 4155
There is no "preventing" this. You simply can't completely eliminate fraud/abuse/crime. You can only do what's necessary to reduce that risk to an "acceptable" level. The key here is what's acceptable? More often it comes down to money. You obviously don't spend more on security than the loss will cost. But what if that cost is shared between multiple parties that do not have a direct link? In the case of credit cards - the loss is more often incurred at the banks, but the controls are implemented at the merchants - hence the slow adoption of more secure transaction methods.

We should be seeing some changes come next October when the liability shift with regards to the use of EVM cards goes into affect.
Reply With Quote Quick reply to this message
 
Old 11-07-2014, 11:01 AM
 
Location: Somewhere in northern Alabama
16,889 posts, read 51,443,250 times
Reputation: 27813
There are solutions, but they can be wildly expensive. The Russians went back to typewriters, stores that never computerized are unhackable, and simply slowing and capping any data transfers and crippling all input/output to a bare minimum can add security.

With businesses that have stock, the key to remember is that it is all about reducing immediate costs and increasing profits. The future is someone else's problem.
Reply With Quote Quick reply to this message
 
Old 11-07-2014, 02:22 PM
 
10,683 posts, read 17,060,915 times
Reputation: 10121
And many companies take the stance of, we'll worry about it if it happens. They fail to do proper auditing or evaluation, fail to encrypt critical data, fail to keep servers updated/secured. People don't learn from other peoples mistakes. There are plenty more breaches to come.

The apology statements that always come after a breach claiming that our privacy and data security are of the utmost importance to them are nothing but a joke.
Reply With Quote Quick reply to this message
 
Old 11-07-2014, 03:28 PM
 
2,385 posts, read 3,042,762 times
Reputation: 4660
There is a real simple solution.......use cash instead of a card if you are worried about it. They can't hack cash. lol
Reply With Quote Quick reply to this message
 
Old 11-07-2014, 06:58 PM
 
Location: Tyler, TX
15,194 posts, read 17,712,726 times
Reputation: 7981
Quote:
Originally Posted by NHDave View Post
The apology statements that always come after a breach claiming that our privacy and data security are of the utmost importance to them are nothing but a joke.
I disagree. As the link in the OP suggested, customers don't want to shop at stores that have had significant security issues. It is absolutely in their best interest to treat our data carefully, because they know that if they don't, there's a strong chance they'll lose that customer along with who knows how many future customers.

As a business owner myself, I'm hypersensitive to keeping my customers' payment and tax ID information secure. The very last thing I ever want to have to do - even less than closing the doors - is send my customers a notice informing them that their info was somehow stolen from us. It's a reputation crusher and would be a personal failure that would stay with me much longer than losing the business would.
Reply With Quote Quick reply to this message
 
Old 11-07-2014, 07:16 PM
 
10,683 posts, read 17,060,915 times
Reputation: 10121
Of course it's in their best interest to secure our data, but they don't, yet they claim it's important after they loose said data. Usually because someone did something stupid or didn't do something they should have.
Reply With Quote Quick reply to this message
 
Old 11-07-2014, 07:28 PM
 
Location: Tyler, TX
15,194 posts, read 17,712,726 times
Reputation: 7981
Quote:
Originally Posted by NHDave View Post
Of course it's in their best interest to secure our data, but they don't, yet they claim it's important after they loose said data. Usually because someone did something stupid or didn't do something they should have.
You just proved my point. The failures are typically human, not a failure in their processes or policies.

A company with thousands or tens of thousands of employees can't guarantee that each and every one of those people will have the security of your personal data high on their priority list. It's not reasonable. What they can do is develop policies and procedures that reduce the risk of exposure as much as is practically possible. And honestly, what more can you ask them to do? You're a techie guy - what solution do you have that guarantees to eliminate the hacking of all computer networks?
Reply With Quote Quick reply to this message
 
Old 11-07-2014, 07:46 PM
 
Location: Someplace Wonderful
5,170 posts, read 3,733,762 times
Reputation: 2546
Anyone with an ounce of sense does not put their company network on the internet directly. There are many ways to protect your company internal network from the big bad world outside. Even e-commerce sites which by nature need to connect to the internal network.

PS your firewalls alone are not enough, as witnessed by these several breaches over the past couple of years.

Face it. Most businesses are too cheap and too lazy to create secure networks.
Reply With Quote Quick reply to this message
Please register to post and access all features of our very popular forum. It is free and quick. Over $68,000 in prizes has already been given out to active posters on our forum. Additional giveaways are planned.

Detailed information about all U.S. cities, counties, and zip codes on our site: City-data.com.


Reply
Please update this thread with any new information or opinions. This open thread is still read by thousands of people, so we encourage all additional points of view.

Quick Reply
Message:

Over $104,000 in prizes was already given out to active posters on our forum and additional giveaways are planned!

Go Back   City-Data Forum > General Forums > Science and Technology
Follow City-Data.com founder on our Forum or

All times are GMT -6.

2005-2018, Advameg, Inc.

City-Data.com - Archive 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35 - Top