.

How to Steal 80,000 Identities in One Day

<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Tue Feb 27, 2007 12:08 pm

How to Steal 80,000 Identities in One Day

Very interesting read. This could be a great way to test your disaster recovery plan with or without the knowledge of your CEO... although I don't recommend the latter.

Author’s Note: How do you get the attention of the executives at your company if you feel the security systems are lacking? Fake a news article on a huge break in, and place it on the CEO’s desk. We were asked to create such a story, and wanted to share it with you as a case study as to just how someone could Steal 80,000 Identities in One Day.

April 1st started like any other for Acme Medical Services. Patients were calling in to cancel appointments due to scheduling conflicts, staff members were alerting their managers that they couldn't come into work because they were sick, and the IT department was busy with their normal morning routine. From the perspective of Acme, all appeared normal.

However, by April 3rd, Acme's situation would be anything but normal. Administrative staff would be busy informing patients their personal data was stolen, managers would be calling their health care professionals to tell them to stay home because the offices were closed until further notice, and the IT department would be busy trying to figure out just how they had lost control of the personal information of over 80,000 of their clients. Life at Acme would be anything but normal.


For full story:
http://www.informit.com/guides/content. ... m=243&rl=1

Don
CISSP, MCSE, CSTA, Security+ SME
<<

oleDB

User avatar

Recruiters
Recruiters

Posts: 236

Joined: Thu Jul 20, 2006 8:58 am

Location: HOA

Post Tue Feb 27, 2007 1:56 pm

Re: How to Steal 80,000 Identities in One Day

I'm pretty confident most bureaucratic companies would spend their time trying to lynch what individual/team wrote the story instead of actually "getting it"

We attempted something similar to that at my company and the report and story were buried never to see the light of day. :(

Return to /root

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software