Re: PIN Scandal "Worst Hack Ever;" Citibank Only The Start

[Brian Barrios <bbarrios () gmail com>]

Thomas C. Greene wrote:
> On Saturday 11 March 2006 8:12 am, Florian Weimer wrote:
> > Could anybody explain to me why this is called a "scandal"?  This
> > round of problems seems to be related to questionable customer
> > activities, and is not exactly the bank's fault.
>
> The scandalous part is the fact that the identity of the outfit that caused 
> this problem (OfficeMax suspected) is being withheld from the public.  

Well, it's not just that... "the suspect that shall remain nameless" was
presumably keeping pin numbers longer than necessary, which is against
policy...

Whoever suggested it was a phishing scam.... it wasn't.  That seems
clear from all the press coverage of an intrusion.

Whoever suggested it was really nothing new is pretty correct... this
happens all the time.  The article is really getting more press because
of the "rounding of the wagons" mentioned previously... also adding to
the hipe is this Litan who says "This is the worst hack ever,"...
clearly this Litan isn't aware of much if he thinks this is the worst
ever....

$.02,


-- 
Brian Barrios
bbarrios () gmail com
AIM: BrianBarrios1
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.