Tuesday, January 30, 2007

TJX - They claim they closed the barn door...

I am at Logan Airport and I just heard CNN report that the CEO of TJX issued a statement that said that TJX waited to report the breach to better contain it.

That is the equivalent of saying 'The barn is secure, we have closed the barn door and put on new locks and hinges... The horses, however, are out of the barn.'

This breach, the first one of the year, is a testament to what not to do. The good guys and the victims of data theft need to share information better than the hackers. Does TJX really think that this is the end of it? Do they actually believe that they contained and solved the problem?

In the world of Google, ask.com and other search engines, mass storage, etc., public is forever. Think about spam for a moment. The first time I published my email address back in 1994, I started receiving unsolicited email within a day. I still get it at an email address that is 13 years old that I do not use, and have not used to receive legitimate mail since 1996.

My point? Once there is a leak and the info is out - it's forever (relatively speaking).

With all of the technology that's out there, it is incomprehensible that companies cannot justify spending money on security. From General Clarke, Cyber terrorism expert, 'If your company spends more money on coffee than on security - you deserved to be hacked and by the way - you will be.'

The other thing I cannot comprehend is when a company says that spending thousands of dollars on security is too much money - they always find a way to spend millions on cleanup.


