Target store security breach - Worried? Is the problem being addressed? (1 Viewer)

Rx_

Nothing In Moderation
Local time
Yesterday, 18:11
Joined
Oct 22, 2009
Messages
2,803
Target stores in the US reported tens of millions of people's security were breached with the Point-Of-Sales registers.
While the companies receive a slap-on-the-wrist fine, the problem appears to be growing. There is a question about the ability (or willingness) to hold foreigners accountable if they were involved or to hold companies liable.
Consumer Protection laws require disclosure of Risk in everything from food to toys.
-- Should Electronic Data Processing require notice too?
-- Is ID Theft equal to terrorism?
-- Should Companies such as Wall-Mart, Target be held fully responsible even if it means they go out of business?
-- Do you worry about Identity and Fraud from your credit card?

Target.com web site shows that IT jobs takes place in India.
Apple (Adobe) also was breached years ago. Since then, there have been many including a credit card processing company fined when foreign workers knowingly wrote process into the code that is used for credit cards information transfer for other purposes. The trend appears to be growing.

http://www.marketwatch.com/story/infosys-faces-record-us-immigration-fine-2013-10-29
"The government is expected to announce Wednesday it will fine Infosys about $35 Million" (out of the several billions in profits). Nobody will go to jail. Is $35 Million just the cost of doing business?

The H1-B Visa (a permit to bring employees from India to replace US technical workers) Article: "alleged practice enabled Infosys to undercut competitors in bids for programming, accounting and other work performed for clients, according to people close to the investigation. Infosys clients have included Goldman Sachs Group, Wal-Mart Stores Inc. and Cisco Systems Inc. "

InfoSys Article: "Mr. Palmer said he attended meetings in Bangalore, where Infosys officials discussed the need to find "ways to creatively get around the H-1B limitations and process to work the system to increase profits and the value of Infosys" stock," according to the lawsuit. According to Mr. Palmer's complaint, he was asked to prepare letters in support of B-1 applications stating "the employee was coming to the United States for meetings, rather than to work at a job." "

Basically, the article covers how Infosys and other company get around the visa laws by claiming workers are here for a convention. There is no background security checks.
The US GAO (Gov Accounting Office) has said they loose track of these visas. Estimates are there are over 300,000 IT workers in the US. Even my own Congress representative told me "there is a shortage of qualified or skilled US Workers" so Congress should keep raising the quota.

As for me, I am going back to cash. But, banks are now limiting how much cash a person can withdraw out of their own account.
 

scott-atkinson

I'm with the Witch.......
Local time
Today, 00:11
Joined
Aug 31, 2006
Messages
1,622
I'm not worried about having my bank details stolen, who knows the thief may take pity on me and put something in there... ;)
 

GSSDevelopment

PHP Guru
Local time
Yesterday, 20:11
Joined
Dec 31, 2012
Messages
58
The H1-B Visa (a permit to bring employees from India to replace US technical workers) Article: "alleged practice enabled Infosys to undercut competitors in bids for programming, accounting and other work performed for clients, according to people close to the investigation. Infosys clients have included Goldman Sachs Group, Wal-Mart Stores Inc. and Cisco Systems Inc. "
There are 4 major int'l consulting companies that consume a HUGE portion of H1-B Visas: Infosys, Wipro, Cognizant, Tata Consultancy (I used to work at one of these). The system is largely abused by large companies (namely, these 4) and it's quite difficult for any other companies to acquire them.

All of these companies use a two-team model of H1-B workers at the client site and a remote team in India. This is what allows them to undercut competitors in the bidding wars. They have to pay the onsite workers a decent wage (cost-of-living in the US a quite high compared to India), but they will pay their offsite workers about 25%-30% of what a comparable US-hire would be paid.


As for me, I am going back to cash. But, banks are now limiting how much cash a person can withdraw out of their own account.
I now work for a credit card processing company, and ever since working here, I find that I use my credit card for more things (opposed to my previous habit of using mostly my debit card, and cash on the side.

Despite the security breaches, credit cards are still a far more secure option for payments than cash, and it's easier to nip theft in the bud. CC issuers can completely cancel a card number and re-issue cards if numbers are stolen, (same with banks), and the chargeback/dispute option for credit cards offers a lot more protections than if someone steals your wallet and spends your cash.
 

kevlray

Registered User.
Local time
Yesterday, 17:11
Joined
Apr 5, 2010
Messages
1,046
Unfortunately with the latest breach information. The thieves got personal information so that they could steal someone's identity. I am wondering why it took so long to discover the breach.
 

GSSDevelopment

PHP Guru
Local time
Yesterday, 20:11
Joined
Dec 31, 2012
Messages
58
Digital theft rarely takes the metaphorical form of storming the doors and kicking things over. It's usually done over the course of a couple of days or weeks, and with small enough changes that they aren't easily detected.

e.g. Last time I initialized an unauthorized forcible copy of a user DB, I pulled it through a forced download limit of 25KB/s so my constant 7MB/s wouldn't trigger any alerts on the server side. 2 days later, I had all of the data I could possibly want (approx 3.2GB).
 

David R

I know a few things...
Local time
Yesterday, 19:11
Joined
Oct 23, 2001
Messages
2,633
Several other companies are now in the news as well, it wasn't just Target.

Why the US still has such lax security astonishes me... but then not really.
 

Fifty2One

Legend in my own mind
Local time
Yesterday, 17:11
Joined
Oct 31, 2006
Messages
1,412
We only use currency or prepaid cards, so point of sales issues are of very limited impact to us. Financially limited to the value of the prepaid card and zero data theft risks.
 

Fifty2One

Legend in my own mind
Local time
Yesterday, 17:11
Joined
Oct 31, 2006
Messages
1,412
Probably discovered rather quickly. Most of the dwell time between breach and announcement was likely gobbled up by lawyers and spin doctors...

Unfortunately with the latest breach information. The thieves got personal information so that they could steal someone's identity. I am wondering why it took so long to discover the breach.
 

Users who are viewing this thread

Top Bottom