100 Hours worth of data breaches
It was a busy weekend for the morally questionable, yet technically literate, people of the world. Over the weekend it was revealed that the International Monetary Fund was hacked, suffering what they called a "major security breach." And just yesterday we found out that the United States Senate was breached by LulzSec, a self styled "gray hat" hacking group ("white hat" hackers are supposedly good, "black hat" hackers are supposedly bad, and "gray hat" are just that - in the gray area between).
Just this morning I read about a small-ish business in Rhode Island whose customers reported fraudulent charges on both their credit and debit cards. That breach involved 100 victims. It's not the size that drew my attention, it was the lack of size that did.
And to round out the 100 hours, Anonymous is claiming that they intend to hack into the Federal Reserve on Flag Day, which happens to be today, June 14th. You see, the group Anonymous has an issue with the world's financial institutions, more specifically, the "global banking cartel..." You can read all about it over at Forbes blog.
LulzSec claimed responsibilityfor the US Sentate breach. Anonymous has stated that they want to bring down the global financial cartel of which the IMF is apparently a member, but no claim of responsibility has been made by them.
A quick aside, the IMF is currently involved in the financial bailout of Ireland, Portugal and Greece. Three European countries who are in financial peril. Germany is footing a sizeable chunk of those bailouts through various means. Ireland, Portugal and Greece are required to provide tons of information to the IMF in order to receive the funds. Do you think that Germany was wondering where all that money was going? Did the IMF have that information? An attack of this scale should suggest that the culprit is someone with lots of time and money and information. See Generally: A Nation State. Maybe Germany would never do such a thing, but how about a certain Asian Country who would love to see the financials on every country in the world. (PS - it appears that this was a "phishing incident", meaning a likely e-mail delivery of the MalCode - don't we learn?)
With the major breaches taking place in New York and Washington, what got my attention was little ol' Rhode Island. 100 people's information was stolen and then used. They had all apparently shopped at two local establishments: White's of Westport and Bittersweet Farms. This one could certainly have been a "morally questionable" employee who was "skimming" patrons' credit / debit card info, or it could have been a more "technologically" based event (meaning a computer hack). The article reports that the people involved believe that anyone who used their card between February 1 and now should check their statements. Law Enforcement is saying that the 100 identified victims are likely the beginning.
The moral of this story is: YES, it can happen to you no matter who you are: The International Monetary Fund, the United States Senate, or Bittersweet Farms of Westport, Rhode Island.