[Dataloss] White paper from US Dept of Justice

Henry Brown hbrown at knology.net
Sat May 31 01:05:37 UTC 2008


A news article:
http://www.networkworld.com/community/node/28257
A look into the dark underbelly of data breaches
Submitted by Layer 8 on Fri, 05/30/2008 - 12:28pm.

The process by which large volumes of data are stolen, resold, and
ultimately used by criminals to commit fraud, has evolved from the
sale of a few pieces of sensitive information, such as credit card
numbers and expiration dates, to full blown identity packages
containing multiple types of sensitive personal information.

That is but one of the disconcerting details of a Department of
Justice-penned report that looks at the rapidly morphing, dark side of
stolen personal information

[...]

The actual white paper (will require a PDF reader), which is over 30
pages long...


http://www.cybercrime.gov/DataBreachesArticle.pdf

"Cyber-crime has evolved significantly over the last two years, from
dumpster diving and credit card skimming to full-fledged online
bazaars full of stolen personal and financial information."

Individuals have been at risk of having their personal information
stolen and used to commit identity-related crimes long before the
emergence of the Internet. What the Information Age has changed,
however, is the method by which identity thieves can access and
exploit the personal information of others. One method in particular
leaves hundreds of thousands, and in some cases tens of millions, of
individuals at risk for identity theft: large scale data breaches by
skilled hackers. In this method,criminals remotely access the computer
systems of government agencies, universities, merchants, financial
institutions, credit card companies, and data processors, and steal
large volumes of personal information on individuals. Such large scale
data breaches have revolutionized the identity theft landscape, in
particular as it relates to fraud on existing accounts by use of
compromised credit and debit card account information.

[...]


More information about the Dataloss mailing list