Alabama Business License Holders
alabama business license holders
Looking Back – 2008 Data Breaches
Hurray, another end of the year list. This one though (from Bank Info Security) is not reviewing the top movies, songs, celebrities but, the miserable failures in data security of 2008. With nine more days until the end of 2008, this post could be pre-mature. Data breach threats show no regard for end of the year holiday parties and frivolities.
The data breach incidents of 2008 include the old stand-bys of lost tapes and data due to mistake and theft but also reveals an increased use of break in technologies to steal information from data bases. Numerous “hacking” incidences and infected computer systems not only resulted in millions of dollars in cost to businesses but exposed large numbers of consumers to fraud. Stolen data has to go some where and can be held in reserve for use at a later time, possibly changing hands often before reaching a perpetrator. Data is a commodity. After all, identity theft is a business – suppliers, middle men and end users are the norm, just like in any business.
At least one of these breaches began in 2007 and continued into 2008 due to law enforcement action. Last year’s breaches while not lacking of hacking incidents, were focused more on missing data. For comparison purposes, below the top 10 list find links to stories looking back on 2007 and a link to a comprehensive multi-year listing. APRPEH is currently taking predictions of data loss stories for the end of 2009.
For accuracy purposes, it is important to recognize the difference between lost back up tapes or disks and stolen computers, hard drives or data devices and must be further differentiated from data lost due to hacking, viruses, malware – any active invasion of data storage systems for the purpose of stealing information. It is this last category with its obviously pernicious intent to steal data (vis a vis hardware) which represents a greater threat equation for consumers. The ‘how was it stolen’ question makes a huge difference in predicting whether or not consumers are likely or unlikely to become victims of identity theft.
Top 10 Security Breaches of 2008 – Bank Info Security
Ghost of Christmas Past (TJX) Still Casts Specter on Present and Future
Linda McGlasson, Managing Editor
December 22, 2008
From Hannaford to Countrywide to the Bank of New York Mellon, 2008 has been a year of high-profile security breaches in or impacting the financial services industry. Here’s our list of the top 10 – and lessons that should be learned, so we aren’t back revisiting these issues in ‘09.
1. TJX Case Winds Up, Arrests Made
Earlier this year, The TJX Companies (parent of retailer TJ Maxx) settled in federal court and paid out millions to its federal regulator, the Federal Trade Commission, banking institutions, credit card companies and consumers to bring to a close the court cases that had threatened to overwhelm the company.
The August arrest of 11 alleged hackers accused of stealing more than 40 million credit and debit cards brings law enforcement closer to closing what is still the largest hack ever. The U.S. Department of Justice brought charges against 11 alleged hackers from around the globe. Some of the hacking gang were nabbed and brought to the U.S. to face trial alongside three U.S.-based defendants. Two of the defendants, Christopher Scott and Damon Patrick Toey, have already pled guilty in the case. Others including the ringleader, Alberto Gonzalez, await trial.
Lesson Learned: The wide-range of the perpetrators brings to light something that those in the cyber intelligence realm have known for some time: Criminal hackers are part of a very mature and multi-billion dollar industry that reaches around the world. No organization is immune to the threat.
2. Bank of New York Mellon
An unencrypted backup tape with 4.5 million customers of the Bank of New York Mellon went missing on Feb. 27, after it was sent to a storage facility. The missing tape contains social security numbers and bank account information on 4.5 million customers – including several hundred thousand depositors and investors of People’s United Bank of Connecticut, which had given Bank of New York Mellon the information so it could offer those consumers an investment opportunity.
Lesson Learned: For Bank of New York Mellon, know that when data is released to a third-party that their security is as good or better than yours. Encryption isn’t just something that is good for the data held at an institution; it’s also something to consider for data that leaves the institution.
3. Hannaford Data Breach
In March, the Maine-based Hannaford Brothers grocery store chain announced that 4.2 million customer card transactions had been compromised by the hackers. More than 1800 credit card numbers were immediately used for fraudulent transactions.
The affected banks and credit unions were forced to reissue the credit and debit cards. Within two days of the breach announcement, two class action suits had been filed on behalf of customers against the retailer. The retailer claims its systems were PCI-compliant and had passed a PCI assessment shortly before the hack was discovered.
Lesson Learned: The case is still open, and forensic reports by security investigators brought in by Hannaford have not been made public. The PCI Security Council has pledged that if the PCI requirements are found to be wanting in light of the report, they will make changes to tighten the requirements. Cases such as Hannaford may be the impetus behind legislation to require prompt notification of a data security breach.
4. Countrywide Insider Theft
In August, a former Countrywide Financial Corp. senior financial analyst, Rene Rebollo, was arrested and charged by the FBI for stealing and selling sensitive personal information of an estimated 2 million mortgage loan applicants. How he did it over a two-year period was to download about 20,000 customer profiles each week onto flash drives, working on Sunday nights, when no one else was in the office. Rebollo then took the excel spreadsheets to business center stores to email to buyers.
Countrywide, now owned by Bank of America, was already facing money and reputation issues because of the subprime loan meltdown before it faced the insider threat of Rebollo.
Lesson Learned: While Countrywide and Bank of America now know firsthand what a rogue insider can do, other institutions need to do a better job of monitoring their employees and creating asset controls. As the economy continues to produce layoffs, this threat may become even more so, as fearful employees look to cash in on their trusted status and take data just in case they face unemployment.
5. GE Money Backup Tape Goes AWOL
Early in January, Iron Mountain said it could not find a backup tape that belonged to GE Money, containing information on J.C. Penney customers and 100 other retailers.
The tape was stored in an Iron Mountain vault, says an Iron Mountain statement issued about the loss, and had been requested by GE Money in October 2007. The tape contained the personal information of about 650,000 J.C. Penney customers and the other 100 retailers. GE Money processes credit cards for those retailers. As a records and archive company that specializes in records management, Iron Mountain was at a loss to explain the tape’s whereabouts.
Iron Mountain said it was an unfortunate case of a misplaced tape, but asserts that there was no evidence that the information was obtained and used by unauthorized persons. The missing tape also included about 150,000 social security numbers.
Lesson Learned: While GE Money paid for credit monitoring for the 650,000 credit card holders, Iron Mountain may have learned to better monitor where media is located. For the rest of companies that hold information of a personally identifiable nature, there is another reason to keep it safe from prying eyes. The cost of an average data breach can hit a company’s bottom line. According to a study conducted by the Ponemon Institute, an independent information security and privacy research group, data breaches are costing businesses an average of $197 per customer record, up from $182 in 2006.
6. RSA Report: Half-Million Banking ID’s Stolen
In November, security vendor RSA said it found a single Trojan that had taken more than 500,000 online banking accounts credentials, credit cards and other resources. The company’s Fraud Action Research Team added that the hacking gang behind the Trojan may have been operating for as long as three years. The compromised data came from hundreds of financial institutions around the world.
Lesson Learned: The Trojan Sinowal is so tricky that the average institution or customer would not even know that they are infected with it. Taking a professional, defense-in-depth approach to protecting a network and customers is the best remedy.
7. Compass Bank Hard Drive Stolen, 1 Million Accounts Taken
At the sentencing of a former bank programmer at Compass Bank in Birmingham, AL. in March, it was revealed that the accused had stolen a hard drive with 1 million customer records and used it to commit debit-card fraud. James Kevin Real is now serving a 42-month sentence and was ordered to pay back the more than $32,000 that he and an accomplice withdrew from Compass Bank customer accounts. The bank claimed that the customer records contained limited information, but Real was able to create 250 counterfeit debit cards. He used 45 of them to access and withdraw cash before being arrested.
At the time of Real’s sentencing, Alabama was one of 11 states that didn’t require companies to automatically notify customers of data breaches.
Lesson Learned: Compass Bank dodged a bullet in terms of cost on this breach. It would have had to notify all 1 million customers of the compromise of their data had the hard drive theft been in a state that requires notification. Other than the 250 customers that Real took money from, no other customers were notified of the data loss. That means that 999,750 of the other 1 million customers weren’t notified of the potential risk.
8. Ski Resort Okemo Suffers Hannaford-Like Data Breach
In an attack similar to what hit Hannaford Brothers in March, the Okemo Ski Resort in Vermont said in April it had been hit by hackers that installed malicious software to capture credit card data as it was being processed at the resort. Law enforcement officials at the time said they were investigating as many as 50 other similar incidents in the Northeast.
Lesson Learned: PCI compliance is like a driver’s license — it may mean that a retailer has passed the test for compliance, but doesn’t necessarily mean it is in compliance.
9. Retailer Montgomery Ward
Six months after a breach happened at the parent company of the Montgomery Ward website, the company Direct Marketing Services finally began notifying customers that their credit card information was stolen in the hack. At least 51,000 records were stolen out of a database in December, 2007.
Direct Marketing said it had promptly contacted its payment processor and Visa and MasterCard, and it also notified the U.S. Secret Service.
Lesson Learned: Direct Marketing Services was forced into contacting the customers after the company CardCops, an investigative firm that tracks credit card thefts for the financial services industry, found more than 200,000 payment cards being offered for sale on an Internet chat room often visited by card thieves. Better to take the public relations role and confess the breach than possibly face data breach notification lawsuits by consumers and state attorney generals.
10. More Than $5 Million Taken By ATM Capers
The Automatic Teller Machine capers are hitting everywhere. In June, two men were charged with making hundreds of withdrawals from New York City ATMs, grabbing $750,000 in the process, using stolen information from a previous computer intrusion into a Citibank server that processes ATM withdrawals. One of the same accused also allegedly took $5 million in withdrawals from iWire prepaid MasterCard accounts.
Lesson Learned: While Citibank denied the indictment’s charge that their server had been breached and blames a third-party transaction processor for the compromise, it still meant it had to notify and reissue new debit cards to those customers that the bank believed were exposed to increased risk.
The Top 10 Data Breaches of 2007 – CSO Online
About the Author
APRPEH is a seasoned identity theft investigator having helped numerous consumers with identity theft matters.
|
|
Alabama License Plate Frame by CafePress $15 A real roadside attraction, get your driver’s attitude or cause across on this cool License Plate Frame. Constructed of sturdy, durable, shiny chrome that makes your message POP. Images are applied with a permanent adhesive weatherproof decal. UV and w Alabama License Plate Frame . A real roadside attraction, get your driver’s attitude or cause across on this cool License Plate Frame. Constructed of sturdy, durable, shiny chrome that makes your message POP. Images are applied with a permanent adhesive weatherproof decal. UV and w |
|
|
Alabama Crimson Tide A Collectors License Plate $51.99 Alabama Crimson Tide three dimensional license plate. Made for your automobile but also great to display at work or home. 11 3/4″ X 5 13/16″ |
|
|
Alabama Crimson Tide Chrome License Plate Frame $14 Next time you change lanes- do so with Crimson Tide pride while sporting this Alabama Crimson Tide License Plate Frame on your car. Featuring the Alabama Crimson Tide team name and logo in raised lettering- this Alabama Crimson Tide License Plate Frame is certain to set you apart in traffic. Durable- high-quality metal license plate frame Crimson Tide team name and logo are screened in fade-resistant team colors Easy to install Officially licensed |
|
|
Happiness is Alabama Happy License Plate Frame by CafePress $18 Happiness is being in Alabama designs. Get this fun and unique Alabama design on a license plate, t-shirt, sticker or gift. Happy License Plate Frame . A real roadside attraction, get your driver’s attitude or cause across on this cool License Plate Frame. Constructed of sturdy, durable, shiny chrome that makes your message POP. Images are applied with a permanent adhesive weatherproof decal. UV and w |
|
|
Alabama Crimson Tide Kolder Kaddy Can Holders – Set of 4 $19.95 These foldable Alabama Crimson Tide NCAA can holders are constructed from 3 mm neoprene “Wetsuit” rubber. They are designed to keep your favorite beverage COLD… and your hands WARM! The holder is collapsible and has sewn seams on two sides. The neoprene construction means it is easy to remove the can from the holder – no pliers needed. The Kolder holder will fit in the console of your car, truck, golf cart or boat. |
|
|
Rather be in Alabama Travel License Plate Frame by CafePress $18 I’d rather be in Alabama t-shirts, stickers, and gifts with the unique I’d rather design. Travel License Plate Frame . A real roadside attraction, get your driver’s attitude or cause across on this cool License Plate Frame. Constructed of sturdy, durable, shiny chrome that makes your message POP. Images are applied with a permanent adhesive weatherproof decal. UV and w |
|
|
Alabama License Plate Vintage Magnet by CafePress $4 Alabama state license plate in beautiful Arabic calligraphy. Show people that license plates aren’t just for cars anymore Vintage Magnet Stick ‘em up with our fun and functional magnets. Holds refrigerator notes, photos, dress up a school locker, room or workspace. Adds stylish fun to any room. Collect ‘em, trade ‘em. 2.25 inch diameter. Metal shell. Flat magnet |
|
|
Alabama Crimson Tide Alumni Laser Chrome License Plate Frame $19.99 Decorate your ride with this Alabama Crimson Tide Alumni Laser Chrome License Plate Frame! Chrome license plate features laser cut team design. Chrome body Laser cut design Fits most license plates Officially licensed |
|
|
LICENSE TO DRIVE: ALABAMA-IML $20.8 No Synopsis Available |
|
|
Office Home and Business 2010 – license $187.99 Microsoft Office Home and Business 2010 – License – 1 PC – PKC – Win – Spanish – Not to Latin America |
|
|
Alabama Crimson Tide Laser Chrome License Plate Frame $20 Next time you change lanes- do so with pride while sporting this Alabama Crimson Tide Laser Chrome Frame on your car. Featuring the Alabama Crimson Tide team name in a laser engraved inlay- this Alabama Crimson Tide Laser Chrome Frame is certain to set you apart in traffic. Top of the line metal license plate frame Highly durable and fade-resistant Easy to install Officially licensed by MLB |
|
|
This Is Alabama Football $9.99 Track Listing: 1. Yea, Alabama – University of Alabama Million Dollar Band, 2. 1975: Alabama at Auburn at Legion Field in Birmingham, 3. Get Ready 4 This – 2 Unlimited, 4. 1967: A Wet Rainy Day at Legion Field as Alabama Takes on Auburn, 5. I Feel Good, (I Got You) – James Brown, 6. 1985: The Kick Sends Bama Past Auburn, 7. Sweet Home Alabama – Lynyrd Skynyrd, 8. 1989: Alabama vs. Ole Miss in Jackson, 9. Wild Thing – The Troggs, 10. 1972: Bama Trails Tennessee 10-0 in the Final 3 Minutes at Knoxville, 11. Bammy Bound / B-A-M-A Roll Tide Roll Cheer , 12. 1986: Birmingham’s Legion Field Rocked With the Sack as Bama Finally Beat Notre Dame, 13. Takin’ Care of Business – Bachman-Turner Overdrive, 14. 1989: Bama Against Penn State at Happy Valley, 15. Shout! (Part One) – The Isley Brothers, 16. 1992: The Sec Championship Games Between Alabama ND Florida at Legion Field, 17. Rammer Jammer – University of Alabama Million Dollar Band, 18. New Year’s Day, 1993: The National Championship Showdown…Alabama vs. Miami in the Sugar Bowl, 19. Tide Is High, The – Blondie, 20. 1996: Alabama vs. Auburn at Legion Field in Birmingham, 21. Mickey – Toni Basil, 22. Alabama vs. LSU in Baton Rouge, 23. No Limit – 2 Unlimited, 24. 1999: Alabama vs. Florida at the Swamp in Gainesville, 25. Cotton Eye Joe – Rednex, 26. Go Alabama – University of Alabama Million Dollar Band, 27. 1999: Alabama vs. Auburn…Victory on the Plains, 28. Na Na Hey Hey Kiss Him Goodbye – Steam |
|
|
Alabama Crimson Tide License Plate Laser Tag $28 When you’re a bumper-to-bumper fan- show it with this Alabama Crimson Tide Laser Tag. Features durable acrylic auto tag with team logo laser-cut. Hand-assembled in the USA Officially licensed |
|
|
Alabama Crimson Tide Flame Plastic License Plate $6.99 Our NCAA styrene license plate features a wild flame design around the team logo. The plate comes with 4 suction cups for easy mounting to windows. |
|
|
Alabama Crimson Tide Logo Crystal Stacked Ring Set (Size 6) $89.09 Enjoy this official NCAA licensed Alabama Crimson Tide ring. A great gift for any Alabama Crimson Tide fan!Ladies’ ringTeam color stacked rings – set of threeFeatures the team logo and team color crystals on a stainless steel bandAvailable in sizes 6, 7 and 8Express your team pride with jewelry from LogoArt®. LogoArt® rings are available in 14KT and 10KT gold, sterling silver and gold plated sterling silver. The precise detail of your favorite team’s logo is captured in expensive metal molds. Items are cast of precious metals and hand finished. Team up your ring with one of LogoArt®’s matching money clips or business card holders. Browse all of our NCAA watches too!. |
|
|
Alabama Crimson Tide Logo Crystal Stacked Ring Set (Size 7) $89.09 Enjoy this official NCAA licensed Alabama Crimson Tide ring. A great gift for any Alabama Crimson Tide fan!Ladies’ ringTeam color stacked rings – set of threeFeatures the team logo and team color crystals on a stainless steel bandAvailable in sizes 6, 7 and 8Express your team pride with jewelry from LogoArt®. LogoArt® rings are available in 14KT and 10KT gold, sterling silver and gold plated sterling silver. The precise detail of your favorite team’s logo is captured in expensive metal molds. Items are cast of precious metals and hand finished. Team up your ring with one of LogoArt®’s matching money clips or business card holders. Browse all of our NCAA watches too!. |
|
|
Alabama Crimson Tide Logo Crystal Stacked Ring Set (Size  $89.09 Enjoy this official NCAA licensed Alabama Crimson Tide ring. A great gift for any Alabama Crimson Tide fan!Ladies’ ringTeam color stacked rings – set of threeFeatures the team logo and team color crystals on a stainless steel bandAvailable in sizes 6, 7 and 8Express your team pride with jewelry from LogoArt®. LogoArt® rings are available in 14KT and 10KT gold, sterling silver and gold plated sterling silver. The precise detail of your favorite team’s logo is captured in expensive metal molds. Items are cast of precious metals and hand finished. Team up your ring with one of LogoArt®’s matching money clips or business card holders. Browse all of our NCAA watches too!. |
|
|
PowerChute Business Edition Deluxe – license and media $249.99 PowerChute Business Edition Deluxe – License and media – 25 nodes – CD – Linux Win Solaris |
|
|
Cisco Fax Server Business Suite License 1 Server CFS9XBUSSERV $2526 Cisco Fax Server Business Suite License 1 Server CFS9XBUSSERV |
|
|
Cisco Unified Business Attendant Console License 1 Server Cubattcon $1481.04 Cisco Unified Business Attendant Console License 1 Server Cubattcon |
|
|
Scan To Pc Desktop V10, Professional Small Business Edition (5-Seat License) $807.99 SCAN TO PC DESKTOP V10, PROFESSIONAL SMALL BUSINESS EDITION (5-SEAT LICENSE) |
|
|
Alabama $7.99 Alabama – Photo |
|
|
License $22.99 License |
|
|
Alabama State Defense Force License Plate Frame by CafePress $18 A real roadside attraction, get your driver’s attitude or cause across on this cool License Plate Frame. Constructed of sturdy, durable, shiny chrome that makes your message POP. Images are applied with a permanent adhesive weatherproof decal. UV and w License Plate Frame . A real roadside attraction, get your driver’s attitude or cause across on this cool License Plate Frame. Constructed of sturdy, durable, shiny chrome that makes your message POP. Images are applied with a permanent adhesive weatherproof decal. UV and w |
