Australian Pension Outfit Exposed by Hacker
Added: Tuesday, October 25th, 2011
An Aussie insurer that tried to hassle a hacker who was willing to help the outfit fix a vulnerability is now in great trouble in a cyber billabong.
The insurer was quick to call the police to complain about private security consultant Patrick Webster, after the latter simply informed the company of a bug that could open up access to the insurer’s database of customers' private details. The company demanded that Webster wipe his hard drive and forget he ever knew about the vulnerability in its operations.
It was no surprise that Webster’s story was highlighted in media reports, and it now seems that the insurer's antics look like more than just a PR own goal. Recently the Federal Privacy Commissioner announced that he had opened an own-motion investigation into the pension outfit. Patrick Webster had pointed out a serious security hole at the company. Punters had no idea about it until media reports appeared about the company giving the guy a good kicking. The insurer was described as treating him quite badly. Moreover, the company had failed to detect such a glaring and easily exploited security hole. In fact, all Patrick Webster had to do was change some digits in a URL bar. One can agree that this can hardly be considered a serious hack.
Still, the possibility remains that hundreds of thousands of accounts may have been exposed. At the same time, the pension outfit, known as First State Super, only managed to warn a few of its customers, while the Acting NSW Privacy Commissioner said that failing to warn everyone in the database isn’t acceptable at all.
According to some reports, First State has only informed the 500-odd clients whose accounts were exposed by Webster during the demonstration of the flaw, but not all of the customers whose accounts could potentially have been accessed through the vulnerability. The insurer’s Chief Executive Officer claimed that there was no evidence that anyone except Webster had obtained illegal access to client accounts. Nevertheless, other security experts, who are paid by enterprises to test the reliability of their networks, doubted that the insurer kept logs or could check.
Meanwhile, industry observers point out that the company’s 770,000 customers may not have been at risk if only it had heeded a warning after a similar hack which took place earlier in 2011.
And this is why companies keep losing "Key Data"... they don't heed the warnings of the REAL Security Experts - Hackers.
90% of the Industry's "Security Experts" are so far behind the times, it's not even worth mentioning. When's the last time they said anything constructive BEFORE a catastrophe?
posted by (2011-10-26 00:46:00)
The so-called Security Experts are always 10 steps behind the Hackers. It's the same as the Police. First the crime, then the solution. The only solution is for every company to have its own private network, working outside of the WWW. But that costs money, so they'd rather risk losing our personal data than invest in our security.
posted by (2011-10-29 00:49:31)
Ya try to help and that's the response...