“Over-Reacting” to Data Breach Reports

After Benjamin Wright's comments on my previous post about Best Western, I hopped on over to his blog and took a look at his point of view. Speaking from a consumer point of view, I find cold comfort...
European Hotel Chain Has Their Customer Data For the Past Year Accessed

Visited Europe in the last year and used a Best Western Hotel? Your credit card, expiration date, the company that employs you, your name, address and future bookings may be in the possession of a Russian Mafia website. An enterprising Scottish newspaper, the Sunday Herald, noticed on Thursday...
How to Audit Databases: Part I

Databases are enormous, powerful repositories of data. They can hold payroll, HR personnel data (think social security numbers) stock prices, Accounts Receivable, Client Relationship Management, and customer information. Banks can't live without them. Most medium and many small sized businesses...
I Can Make Your Database Lie to You

So many financial auditors, CEOs, CFOs and others rely on electronic data to understand the complexities of General Ledger, Accounts Payable, etc. In this era of SAP, ADP, electronic time clocks, etc., the one common denominator is the database underlying each application. Applications...
Let’s Not Overuse “Identity Theft”

I've noticed lately that the press has started applying this term liberally when data is stolen. Data theft is NOT the same thing as identity theft. (And when did we start capitalizing it, by the way?) Data theft does not equal identity theft, because not all data that is stolen is used to...
Monitoring Insider Access to Databases

The recent report on the Countrywide data theft got me thinking again about how to monitor insider access to databases. The story is that the thief had access to the...
Kill Your WEP Now

The announcement on Tuesday that indicted 11 people for "the largest data breach in history" was an interesting read: The indictment returned Tuesday by a federal grand jury in Boston alleges that the suspects hacked into the wireless computer networks of retailers including TJX Cos., BJ's...
ATMs – Automated Theft Machines

It's absolutely fascinating (in a nerve-wracking sort of way) to read about how many different ways there are to use ATMs to capture (and steal) accounts and PIN numbers. From there, it takes very little time to create a fraudulent card and spend what you can before the bank catches up. It's a...