Posted on Tuesday, 27th October 2009 by Admin
The jobs.guardian.co.uk online jobs website has about 10 million users, including their US jobs site. Over the weekend they notified about half a million job seekers in the United Kingdom that hackers had compromised their databases and stolen a copy of their personal information, including names, addresses, phone numbers, emails and job history.
The attack on the Guardian Jobs website further highlights that cyber criminals are increasingly interested in collecting personal details from as many people as possible.
They appear to be building dossiers from collections of information such as job site databases, fraudulent online surveys and phishing attacks. This data can be aggregated by criminals to perpetrate acts of fraud, and to gain access to people’s accounts at other online systems such as banking and payments services.
The rate of increase of these attacks is worrying, and the sophistication of online criminals continues to increase.
Its becoming clear that credentials such as usernames, email addresses and passwords are all vulnerable. Protection of online services and cloud computing enterprise services must be improved. An important security capability that is widely employed by corporations to protect themselves against the theft of login credentials is two-factor authentication. This requires the user to have a secondary device, called a token, which is used in addition to a username and password, to gain access to a corporation’s network. Thus, even if a criminal gets a user’s name, email address and password, they still cannot log into the corporate network and steal valuable company data.
We need these protections for online services that are accessed by consumers, and for cloud computing services that companies are beginning to outsource their data services to. Consumers need the same levels of data and access protection that companys have today. Furthermore, for cloud computing to take off in the enterprise market, they will need to provide the same levels of authentication and data protection that companies employ today to protect their own networks.
The days of a username, email address and password being sufficient to protect your data on the Internet are over. All our systems are under constant attack by ever more determined cyber criminals. The industry needs to deploy stronger authentication tools for online services.
Similar Posts:
- Change your Passwords- Accounts Compromised and Good Practice
- 6 Worst Data Breaches of 2011
- Top Targets for Emerging Threats in 2011
- UCM Students Indicted After Trying to Sell 90,000 Classmates Personal Information
- Online Backup vs. Cloud Storage
Tags: Hack, Jobs Website
Posted in Thieft Protection | No Comments »