Hackers grabbed more than 285M records in 2008

(AP) -- Hackers made off with at least 285 million electronic records in 2008, more than in the four previous years combined, according to a new study that shows identity thieves are getting better at exploiting careless mistakes that leave companies vulnerable to attack.

The number comes from a study of 90 data breaches investigated by Inc., which is hired to do a post-mortem on most big computer intrusions.

No victims are identified in the report. Many of the breaches aren't even public. That can happen if law enforcement insists on secrecy because of an ongoing , or if personally identifiable information wasn't lost in the hack.

In many breaches, especially involving lost or stolen laptops, the records aren't used for anything at all.

Verizon's study looked only at breaches involving attacks that resulted in compromised records being used in a crime, like making counterfeit credit cards and buying homes and medical coverage under someone else's identity - and on their dime.

The company found that 90 percent of the breaches it investigated could have been avoided with basic security measures.

One of those is recognizing how valuable so-called "non-critical" computers are to hackers.

Peter Tippett, vice president of research and intelligence for Verizon's business security solutions division, says criminals aren't looking to crash through the front door with a brazen computer attack. Often they're content to feel around the edges and look for vulnerabilities that can get them in through the equivalent of a side window.

Even by tapping into computers of low-level employees who don't handle sensitive data, hackers can get a toehold for installing more that scans the network traffic and looks for vulnerabilities in other computers.

The study also found that data breaches are getting more severe because criminals are using sophisticated new programs that were custom-designed for particular attacks and weren't known to the security community or law enforcement.

Verizon says 93 percent of all compromised records in its study came from the financial sector.

---

On the Net:

Verizon's report available at:

http://www.verizonbusiness.com

©2009 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.


Explore further

Is danger of identity theft overblown?

Citation: Hackers grabbed more than 285M records in 2008 (2009, April 15) retrieved 21 October 2019 from https://phys.org/news/2009-04-hackers-285m.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.
0 shares

Feedback to editors

User comments

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more