By Matthew Goldstein and Nicole Perlroth
Updated, 8:57 p.m. | When it comes to defending a large company against an online attack, sometimes luck and timing can mean as much as spending hundreds of millions of dollars a year on computer security.
The broad attack this summer on JPMorgan Chase, which compromised information for 76 million households and seven million small businesses, took the bank’s security team more than two months to detect before it was stopped.
But the intrusion at the nation’s largest bank could have gone on for longer if not for a critical discovery by a Milwaukee security consulting firm that helped JPMorgan uncover the full extent of its breach. That firm, Hold Security, uncovered a repository of a billion stolen passwords and usernames that it said had been pilfered by a loose-knit gang of Russian hackers. The hackers, according to the consulting firm, had infiltrated more than 420,000 websites.
http://dealbook.nytimes.com/2014/10/31/discovery-of-jpmorgan-cyberattack-aided-by-company-that-runs-race-website-for-bank/
and J.P. Morgan found hackers through breach of corporate event website: media | Reuters
edit: If best, add to JP Morgan Confirms Breach - Page 2 - Webroot Community , as that is a Featured Topic.
Luck Played Role in Discovery of Data Breach at JPMorgan Affecting Millions
Userlevel 7
+3
Userlevel 7
Well, I think that this is just the tip of the iceberg and that many such breach go undiscovered for a long time and in some cases, more worryingly, are NEVER discovered.
And I cannot see that changing given the nature of the beast.
Baldrick
And I cannot see that changing given the nature of the beast.
Baldrick
Userlevel 7
+3
More:
After more than seven months of research, Hold Security identified a Russian cyber gang which is currently in possession of the largest cache of stolen data. While the gang did not have a name, we dubbed it “CyberVor” (“vor” meaning “thief” in Russian).
The CyberVor gang amassed over 4.5 billion records, mostly consisting of stolen credentials. 1.2 billion of these credentials appear to be unique, belonging to over half a billion e-mail addresses. To get such an impressive number of credentials, the CyberVors robbed over 420,000 web and FTP sites.
from: http://www.holdsecurity.com/news/
After more than seven months of research, Hold Security identified a Russian cyber gang which is currently in possession of the largest cache of stolen data. While the gang did not have a name, we dubbed it “CyberVor” (“vor” meaning “thief” in Russian).
The CyberVor gang amassed over 4.5 billion records, mostly consisting of stolen credentials. 1.2 billion of these credentials appear to be unique, belonging to over half a billion e-mail addresses. To get such an impressive number of credentials, the CyberVors robbed over 420,000 web and FTP sites.
from: http://www.holdsecurity.com/news/
Userlevel 7
............ WOW.
Userlevel 7
Not all surprised by this revalation...in fact I am surprised that the 'loss' is not greater given the time they were at it. Can you imagine what would happen and may have happened with even larger breaches that it would not be in the 'national interest' to disclose to the public...one just shudders to think of that...it is a case of what we don't know won't scare us...rather than hurt us...LOL
Baldrick
Baldrick
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.