Wednesday, July 08, 2009

Old News? Researchers predict SSNs, crack algorithm

This story is curious to me. About 13 years ago I taught some banking security classes with a chap who could do this in his head. I always assumed the algorithm was widely known in certain circles.

"Social Security numbers have a predictable pattern, according to researchers at Carnegie Mellon University, who have developed a reliable method of cracking a person's SSN based on data gleaned from multiple sources, including profiles on social networking sites."

Search Security Coverage: Researchers predict SSNs, crack algorithm putting identities at risk

Thursday, July 02, 2009

TJX to pay $9.75 million for data breach investigations

As reported by SearchSecurity: "TJX Companies, Inc., which has undergone a barrage of lawsuits as a result of a massive data breach of its systems, agreed to pay $9.75 million, settling a lawsuit brought on by Attorneys Generals from 41 states."

That's on top of many previous costs arising from the fact that "over an 18-month period, hackers exploited a hole in TJX's Wi-Fi network and used a modified sniffer program to monitor and capture data from TJX's transaction systems."

Consider: "In December 2007, TJX settled a lawsuit from dozens of banks, agreeing to pay out $40.9 million to cover costs connected to the retailer's massive data breach."