"This is yet another [incident] in what is turning into a major 'breach streak,' which will make all of us rethink what information security really means," says Mike Urban, senior director of fraud solutions for FICO.
Breaches will not slow anytime soon, and there's not much financial institutions and the payments chain can do to stop them. At this point, the best course of action for banks and retailers is to focus on damage control.
Some organizations hesitate to involve law enforcement in their breach investigations for fear that exposing the hack would cost them their reputations and money. A Justice Department contingent tells a gathering of lawyers why that impression is wrong.
When a database breach occurs, consumer notification continues to be a public problem. And it's time for the federal government to step in, says Linda Foley, co-founder of the non-profit Identity Theft Resource Center.
Victimized by a hack of its SecurID authentication token that resulted in the breaches of several customers' IT systems, security maker RSA is expected to announce its first chief security officer as early as Friday.
Art Coviello, RSA's executive chairman, confirms that information taken from RSA in March had been used as an element of an attempted broader attack discovered late last month on SecurID customer and defense contractor Lockheed Martin.