Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Monday, 20 March, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

More than a million impacted by loyalty card breach

by The Gurus
November 20, 2013
in Editor's News
Share on FacebookShare on Twitter

Loyalty scheme company LoyaltyBuild has confirmed that it has been the victim of a sophisticated criminal attack.
After it was widely reported that more than 1.5 million people were known to have had personal information compromised by the security breach, the Irish company said that it was “working around the clock with our security experts to get to the bottom of this and to further enhance our security in order to protect our valued customers”.
It said: “From the moment we first detected a suspected security breach on Friday, October 25th we immediately engaged the services of an expert forensics security team and have worked tirelessly to try to rectify this situation.
“As the safety of our customer data is of utmost importance to us we immediately informed our clients of this new development so they could put their own processes in place to inform customers of any potential compromise to their data.
“Unfortunately, the threat of cyber-attacks is increasingly becoming a reality of doing business today and LoyaltyBuild would like to sincerely apologise for any distress or inconvenience caused.”
Check Point’s UK technical director Tom Davison pointed out that this breach is far more extensive than originally thought, and warned users to be wary of links in emails which claim to be from LoyaltyBuild or its affiliates, no matter how authentic they seem to be. “There’s a very real risk that attackers will use the details exposed in the attack to send phishing emails to users, to try and harvest more sensitive data,” he said.
“Attacks against companies with the aim of stealing customer data are still a real threat. We recently surveyed over 2,600 C-level and IT staff at firms globally, and found they reported an average of 68 new security attack attempts per week, with data theft as the main objective. This is one of the biggest breaches in recent years, showing the problem isn’t going away.”
Paul Ayers, VP EMEA at Vormetric, said: “Hacking attacks are becoming much more focused on securing a worthwhile payload – that is to say sensitive customer data that can be used for fraudulent purposes. In this instance it is unclear as to how those behind the attack got in, but it shows that any company that holds personal information that could potentially be exploited is likely to find themselves in the sights of cyber criminals.
“This is particularly true of credit card data and fortunately, standards exist to regulate the processing of such sensitive information – though whether enough organisations give these the attention they deserve, remains to be seen.
“It’s very important for businesses to continuously monitor their networks for suspicious activity in order to identify and neutralise attacks at the earliest possible stage – ideally, before any data is stolen. Every organisation will have some measure of IT security in place, yet we continue to see breaches. Traditional IT security measures simply don’t provide effective defence for data which needs to be protected at source – giving security from the inside out.”
Mark Bower, vice president of product management at Voltage Security, pointed out that the company is not displaying compliance with the PCI standard, and called it “inexcusable in this day and age”.
He said: “The three digit codes (CVV code) from credit cards should never be stored, even encrypted. Per PCI DSS, there are no exceptions to this rule. Why was it ignored here? There’s no need for it in a loyalty application whatsoever.
“Given the ease of protecting data these days, there’s no excuse for this large scale breach, especially as cardholder data w
ith three digit codes is exactly what attackers find most attractive as it’s immediately convertible to fraudulent goods purchases online including purchase money vouchers – converting stolen card details to cash.”

FacebookTweetLinkedIn
ShareTweetShare
Previous Post

IBM set to bolster mobile management with acquisition of Fiberlink

Next Post

Microsoft open collaborative cyber crime centre

Recent News

Nominations are Open for 2023’s European Cybersecurity Blogger Awards

Nominations are Open for 2023’s European Cybersecurity Blogger Awards

March 20, 2023
TikTok to be banned from UK Government Phones

TikTok to be banned from UK Government Phones

March 17, 2023
New AT&T Cybersecurity USM Anywhere Advisors Service Helps to Establish and Maintain Threat Detection and Response Effectiveness

Should Your Organization Be Worried About Insider Threats?

March 17, 2023
Guild Education controls API abuse with Salt Security

Guild Education controls API abuse with Salt Security

March 16, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information