SQL Injection
Still on top
Miscreants gained access to US healthcare billing vendor AccuDoc Solutions' database for about a week in September, exposing the data of at least 2.65 million people. North Carolina-based Atrium Health, a customer of AccuDoc Solutions, this week said it had been affected by the breach. The firm operates 44 hospitals across …
Too often the breach is caused by not fixing a know problem such as SQL injection or by not patching the code because it is too inconvenient. So a breach is inevitable when a black hat stumbles across them and given some the problems just about barely breathing script kiddie could hack some of these outfits.
Let's see, scaling for length of breach, bonus multiplier for SSNs.... that should be a fine of at least $50,000. Boy oh boy, that's gonna show them.
And that identify protection only lasts for a year (that's all Equifax and Experian each gave me when they were breached). So if I'm a hacker stealing SSNs, wait a year. Most of those SSNs (unlike credit card numbers) will still be valid.
I have so many "1 year free credit monitoring" offers that I could pass them along to my children and grandchildren and they would never run out - seriously, one of our credit cards is being replaced (for the 4th time in as many years) due to a corporate data breach, and then there are the debit card replacements, and just general company, organization and government technical security incompetence.
0