funsec mailing list archives

Re: Two weeks to contain a security breach?!?!?


From: Valdis.Kletnieks () vt edu
Date: Mon, 17 Mar 2008 18:08:45 -0400

On Mon, 17 Mar 2008 17:01:36 EDT, "Richard M. Smith" said:

"Hannaford became aware of the breach Feb. 27. Investigators later
discovered that the data breach began on Dec. 7; it wasn't contained until
March 10, said Carol Eleazer, Hannaford's vice president of marketing in
Scarborough."

Let's look at the flip side:

"PORTLAND, Maine (AP) - A security breach at an East Coast supermarket chain
exposed 4.2 million credit and debit card numbers and led to 1,800 cases of
fraud, the Hannaford Bros. grocery chain announced Monday."

4.2 million exposed, 1,800 fraud.  Pretty low percentage.  At some point,
somebody has to make a *decision* - will it likely be more costly for the
organization to deal with a few thousand fraud cases because they took a slow
and careful approach to cleaning up while operations continued, or the
wholesale devastation of "screw it, 'ifconfig eth0 down' and we're running
everything in offline mode until we figure out what happened".

Tell me - how much will it cost them to pay back the fraud?  And how much
business would they have lost if they had to tell customers "Sorry, cash or
check only, we can't take plastic for the next week or so because of a computer
issue"?




_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
