Jun 09 2011

Citi credit card security breach discovered

Category: Security Breach | DISC @ 10:42 am

“Citigroup says it has discovered a security breach in which a hacker accessed personal information from hundreds of thousands of accounts.

Citigroup said the breach occurred last month and affected about 200,000 customers.”

“During routine monitoring, we recently discovered unauthorized access to Citi’s account online,” said Citigroup, in a prepared statement. “A limited number — roughly 1 percent – of Citi bankcard customers’ accounting information (such as name, account number and contact information including email address) was viewed.”

According to its annual report, Citigroup has about 21 million credit card accounts in North America, where the breach occurred.

The statement went on to say that the customers’ Social Security numbers, dates of birth, card expiration dates and card security codes “were not compromised.”

Routine monitoring discovered the Citigroup incident, which clearly shows that the intrusion was detected not while it was under way but after it had happened.
The cost of a cyber intrusion rises with how late the incident is detected. Organizations should change their corporate strategy to a more proactive approach in which they maintain, monitor and improve security controls based on the current value of the information asset.

If you’re a Citibank customer, we suggest you take a look at your account and immediately report any irregularities.

Stopping Identity Theft: 10 Easy Steps to Security


Tags: Citigroup, Credit card, Customer, Financial Times, Online service provider, PlayStation Network, Security, Social Security number

Mar 18 2011

RSA Security breach sparks reseller concern

Category: Security Breach | DISC @ 10:33 pm

By Doug Woodburn

Rival SecurEnvoy claims channel partners are being inundated with calls from panicked RSA end users in wake of security attack

RSA Security’s customer-data breach has sparked “panic” among the vendor’s customers and channel partners, according to rivals.

In an open letter to customers posted on RSA’s website yesterday, executive chairman Art Coviello admitted that an attack had resulted in “certain information being extracted from RSA’s systems”.

Some of that information relates to the EMC-owned company’s SecurID two-factor authentication (2FA) products, Coviello said.

“While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID customers, this information could potentially be used to reduce the effectiveness of a current two-factor authentication implementation as part of a broader attack,” he said.

Andy Kemshall, co-founder of rival 2FA vendor SecurEnvoy, told ChannelWeb that he had been fielding calls from concerned resellers since 1am.

“Channel partners are being inundated with calls from customers panicking regarding their security,” he said. “They believe their tokens have been compromised.”

Former RSA executive Kemshall claimed that RSA’s customers were still in the dark as to whether or not the vendor’s centrally stored ‘seed records’ had been compromised.

If this was the case, any tokens associated with those seed records would also be compromised, said Kemshall.

“Our resellers and end users believe the seed records have been compromised,” he said. “This would mean anyone with the Cain and Abel [password recovery] tool could compromise the second-factor token code so only the pin is left. RSA has suggested that customer data has been compromised but it hasn’t confirmed whether it is seed data, nor has it denied it.”

Kemshall as well as Jason Hart, European chief executive at 2FA vendor Cryptocard, argued the fact RSA customers do not generate their own seed records is a flaw in RSA’s strategy.

Hart said: “It is very worrying and very scary. We have had a lot of inbound enquiries from partners and customers. The fact RSA has come out publicly and said it’s a problem is the right thing to do.”

Ian Kilpatrick, chairman of security distributor Wick Hill, said: “It’s very positive that RSA have publicly addressed it but it appears to be quite a significant incident.”

Coviello urged customers to follow the steps outlined in its SecureCare Online Note.

“We are committed to applying all necessary resources to give our SecurID customers the tools, processes and support they require to strengthen the security of their IT systems in the face of this incident,” he said.

“Our full support will include a range of RSA and EMC internal resources as well as close engagement with our partner ecosystems and our customers’ relevant partners.”

a cross-discipline overview of smart card including attacks

Tags: Customer, data breach, EMC, EMC Corporation, Jason Hart, RSA The Security Division of EMC, SecurID, Two-factor authentication