Friday, June 10, 2011

2011 Shaping Up to be Bad Year for Online Security Breaches

With the year only half over, it has already been a bad one for big security breaches. The latest is Citi, which announced this week that a major breach of customer account information has occurred. We don't yet know the full extent of the damage. It has been reported to affect about 200,000 credit card customers, but apparently Citi waited a month before disclosing the breach to its customers.

The security breaches this year go beyond consumers being compromised and extend deep into our nation's security. This is mainly due to a big breach at RSA Security, which is owned by EMC.

The big breaches have been coming so often that it is easy to forget them. Here is a recap so far for 2011:


Reported in Feb - Nasdaq, malware on their network, damage unknown but critical to the exposure of the US economy

March 17 - RSA, even the big security company that plays a role in securing the US government and most of the top companies in the US had its network breached through a phishing email. Information regarding RSA SecurID tokens was compromised. This now calls into question the long-term effectiveness of this defense. Specifically, the compromised information on RSA's dual-factor authentication algorithms may have given attackers a way to defeat the protection. Other breaches summarized below, such as L-3 and Northrop Grumman, were believed to be related to this breach.


April - Epsilon, over 40M email addresses exposed (blogged about on OLBB here)

April 19th - Sony PlayStation Network, personal data and credit card information of tens of millions exposed, shutting the network down for almost a month

May 21 - Lockheed Martin, the biggest provider of information technology to the US government including F-22, F-35 and other weapon systems. Actual damage not disclosed, but critical to the security of the US since it holds many military secrets. China is the main suspect.

May 26 - Northrop Grumman, shuts down remote access to its network. Damage unknown, but it was described as a significant and tenacious attack on its information network.

May - L-3 Communications, major attacks due to the RSA Security compromise, details not known

June - Google Gmail, hundreds of emails compromised through a phishing attack, significant because it involved US government officials. China is the main suspect.

Reported in June but hacked in April or May - Citi, ~200M credit card accounts
