Hello McFly….Epsilon Breach Shows Cybercriminals Has Moved Way Past ID Theft

Major media outlets around the globe are giving greater coverage to the Epsilon data breach story today.  This might be the biggest breach of non-regulated PII (personally identifiable information) in US history. Read more in on the story in this CyberJungle posting Sunday night.

Typically, the mainstream media has focused on Personally Identifiable Information (PII) ID theft: credit card breaches, financial account information theft, and healthcare data breaches. There has been little attention paid to business data theft, by the media, pressure groups and many of the businesses that house the data, since business data is not typically regulated like PII is.

This might be a watershed moment when the attention is shifted to business data. According to a report released last week by McAfee/Intel and SAIC, “…cybercriminals have made the shift from stealing personal information, to targeting the corporate intellectual capital of some of the most well-known global organizations. Cybercriminals understand there is greater value in selling a corporations’ proprietary information and trade secrets which have little to no protection, making intellectual capital their new currency of choice…”

The focus of attention in the Epsilon story is consumer data. Big story number one not yet getting much attention: the wide-spread theft and re-sale on the digital black market of business intellectual property like trade secrets, technologies, sales data, price lists, key customer contacts, manufacturing processes, software code, salary info, and more.

Another big story not getting much attention: contrary to the spin from data collectors and pressure groups, the biggest data risks associated with the collection of consumer information is not that the data collector will sell the data to another firm. The biggest risk is that the data these data collectors will end up in the hands of cyber criminals, a government agency, or become part of damaging civil litigation, all risks that can cause much great harm.

The CyberJungle Radio program that will post Monday, will cover this story and other news about security, privacy and the law. Other stories we are covering include the wide-spread SQL injection attack; a new panic button smart phone app: and an in-depth look at the Advanced Persistant Threat (APT) with Rob Lee of the SANS Institute. Listen to Episode 207 at TheCyberJungle listening options page.

Posted by Ira Victor

One Response to “Hello McFly….Epsilon Breach Shows Cybercriminals Has Moved Way Past ID Theft”

  1. Well I hope that businesses do start taking care to keep their data more secure in the future. it’s more than just about the home consumers who can be losing out when somebody steals important data.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: