Well known security journalist, Brian Krebs, was affected by an incident that occurred Christmas eve when his account was hacked. An unknown/new email address was added to his primary account even after he had changed it back (after getting an email from PayPal). Apparently the hacker only needed his last 4-digits of SSN and a previously used credit card. Unfortunately, the PayPal help desk monitoring placed on Krebs account was not able to detect the same perpetrator’s email address when added the second time. While no funds were lost, it’s reported the hacker was attempting to send money to terrorist organization and/or ISIS. Standard reply from PayPal about valuing customer data and services, etc. so we’ll see what developments arise…
BTW, Tamebay.com reports PayPal processing average of $8,773 payments per second, doubling the amount back in 2011; and estimated $20+ billion more than 2014 to the total of $260 billion in payments in 2015. If that’s not enough, in store processing to about 18,000 physical stores, and money transfers via acquired company Venmo of about $5 billion.
With these volumes and financial industry heavy regulation e.g. FFIEC, you would think this sector would be ahead of the cybersecurity curve…
No comments:
Post a Comment