Skip to main content

lexis-nexis-breach

(0 comments)

As Adam had pointed out the Lexis Nexis breach was due to " misappropriation by third parties of IDs and passwords from legitimate customers".

With Bruce Schneier blogging that ChoicePoint is saying "Please Regulate My Industry", will their be a requirement that certain industries dealing with 'person non-public' information use strong authentication for their customers?

Visa, Mastercard et al now require strong authentcation for merchants and processors over a certain size (dropping in June). I tthink Adam's point is valid: Strong authentication is not that expensive - and it's getting cheaper thanks to companies like us. Yet that industry hasn't taken advantage of existing technology to protect its information. Clearly they think that it is cheaper to take the risk than to invest in security.

Perhaps this is because they have insured over the risk. Perhaps instead of regulation the insurance industry should come up with a standard like the credit card industry has for companies that do business over the internet or that deal with confidential data - like Choicepoint, T-Mobile, Lexis Nexis, etc.

Currently unrated

Comments

There are currently no comments

New Comment

required

required (not published)

optional

Recent Posts

Archive

2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom