LawyersandSettlements.com Interviews Data Breach and Identity Theft Expert on the Impact Data Hacks Have on Consumers

There were 9.9 million incidents of identity theft* last year alone. LawyersandSettlements.com spoke to identity theft and data breach expert Chester Wisniewski of Sophos about the problem, and what it means to consumers.

  • Share on TwitterShare on FacebookShare on Google+Share on LinkedInEmail a friend

Bloomington, IN (PRWEB) March 02, 2014

With more and more consumers venturing online to do their banking and shopping, as well as participate in other e-commerce activities that rely heavily on personal information shared with secure sites, little wonder that Americans might cringe with every report of a data breach. It happens more than we think. According to TransUnion, one of three national credit agencies in the US, there are no fewer than 19 consumers falling victim to identity theft every minute of the day.* What’s more, according to the bureau it costs on average $500 and takes about 30 hours to resolve each incident of identity theft.*

“Part of the problem,” according to Chester Wisniewski, senior security advisor with Sophos, an international cyber security company, “is that sites billed as secure – or sites that consumers assume to be secure – are not secure at all, or at the very least not immune to hackers” –who can easily get beyond anything but the latest and most sophisticated security measures. “There are so many insecure sites,” Wisniewski told LawyersandSettlements.com writer Brenda Craig. “You could find thousands of them every day if you went looking for them.”

And hackers do just that: Wisniewski relates the story of Drake International, a human resources company based in Toronto which, according to Wisniewski, “became the victim to hackers in 2011 and then again in 2013. The personal records of some 35,000 Drake clients were copied, and then removed from Drake’s database. The hackers offered to return the information for a ransom of $50,000.”** Drake was being extorted. “The company’s data had essentially been kidnapped for ransom,” says Wisniewski. “Drake called the RCMP and reported the kidnapping. They didn’t hide, they refused to play ball. They also ended up having to pay for credit monitoring for all the people whose data was stolen,” Wisniewski told LawyersandSettlement.com’s Brenda Craig.

Wisniewski said he is “aware of some data hack situations in which the company paid the ransom to have the data returned,” but he declined to divulge names.

“It’s coordinated opportunism,” Wisniewski continues. “They look for places where people have ‘left the door open.’ They are looking for the juiciest one. The ones they are looking for are ones they can make money from. When they find unlocked doors, they go back and search the domain names to see which ones have information they can profit from in some way,” says Wisniewski.

One law professor and cyber security expert speaking to LawyersandSettlements.com noted that in his view there is little reason to believe that a consumer suffers economic harm when criminals hack into databases. “If it is financial data or credit card data, mostly it is banks or companies that are harmed, not the individual,” says Fred Cate, who spoke from his office at the Center for Applied Cybersecurity at the Indiana University.

Wisniewski, however, takes a different view. “I simply don’t accept that there are no victims here,” Wisniewski continues. “In the US, the bank owns the credit card fraud. But in Canada, the UK, Europe, Australia and New Zealand with chip and pin credit cards, the fraud is on the consumer. They are the ones who pay because the assumption is that they gave someone their pin number.

“Identity theft is a perpetual nightmare,” Wisniewski concludes. “You can’t get a new birthday and [it] is extremely rare that you would be given a new social security number in the US. You never know when it is going to be over.”

** The Financial Post, FP Tech Desk, ‘Drake International the Latest Victim of Hacking, Extortion Scheme against Companies,’ Christine Dobby, January 9, 2013,
http://business.financialpost.com/2013/01/09/drake-international-confirms-database-with-user-information-hacked/?__lsa=e355-e14c

LawyersandSettlements.com provides comprehensive legal news and critical information for those affected by once-in-a-lifetime situations involving medical device lawsuits, personal injury, defective products, California Overtime and labor issues or a host of others. Readers seeking legal help can request it by completing a form which is distributed to attorneys specializing in these cases. Trial attorneys utilize the site to keep abreast of hot legal issues and settlements as well as connect with potential clients. Web: http://www.LawyersandSettlements.com.

About Online Legal Media

Online Legal Media owns and operates websites providing information for the general public and the legal community. LawyersandSettlements.com, founded in 2001, is an online legal news publication with over 2.1 million visitors annually and hundreds of thousands of requests for attorney help from its readership. OnlineLegalMarketing.com serves as a portal for trial attorneys to network and market their firms to other legal professionals. HealthEffectsOfAsbestos.com offers resources for those suffering from asbestos exposure and mesothelioma. Online Legal Media is based in Santa Cruz, California.

Follow Online Legal Media on Twitter @OnlineLegalNews and on Facebook at http://www.facebook.com/pages/LawyersAndSettlementscom/74380229132.

All trademarks are the property of their respective owners.


Contact