Canadian mobile phone, TV, and internet service provider Bell has confirmed that the company had been hit by an unknown hacker who has managed to access its customer information illegally. In a brief statement released by Bell Canada, the company said an unknown hacker managed to have his hands on data of millions of Bell customers. Robert Capps, VP of Business Development at NuData Security commented below.
Robert Capps, VP of Business Development at NuData Security:
The biggest risk to mass email theft is phishing and malware distribution; 91% of cyber attacks start with a phishing email. Users are reminded to never click on any links received from unknown people or on suspicious links sent by friends on social networking sites or via e-mail.
Clearly educating end users is not the answer to the bigger problem of fraudulent behaviour, nor is the deployment of technical countermeasures to protect end users. The continued success of these attacks highlights a major flaw in identity validation techniques that can be stolen and reused. Companies that hold such critical and personal information about their users have a choice. Rather than just protecting transaction data, companies can accept the full ramifications of data protection and system security by designing their systems to protect their users and ALL account data first. It’s a radical idea, but by doing so we can ensure the data that hackers and cyber criminals can get their hands on won’t allow for ready access to our accounts and our personal information.
A multi-layered approach to authentication that provides newer and more secure techniques such as passive biometrics and behavioural analytics should be implemented by companies to determine if the expected human user is accessing and transacting on the account, or a cybercriminal who needs to be blocked.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.