Posted by: phANT1m on May 09, 2011
So I just thought I would put a small recap up on companies that have been attacked and compromised over the last couple of months from the starting of the year (These are mostly high profile news worthy companies).
1) HBGary - This is the case that most certainly one of the most important cases ever that has hit the news. Why? Well first off this is an information security company that top government agencies and high profile companies hire to protect their information and help beef it up. So how did all this come about? Well as it goes a certain member (owner) decided that it would be really cool (well after meetings with a government agency to take down Anon) to go undercover and uncover who the high ranking members or how the hierarchy is within Anonymous. Anonymous did not take to kindly to this and someone within the group hacked the company that is supposed to have been protecting you from hackers. They leaked tons of details and reports from the company resulting in a large amount of chaos and total chaos for the company. Still no idea on their current status but that was a heavy blow for them.
2) Sony - The list is not in order but the Sony hack is an important one. As it goes the company was being lax and arrogant (apparently). They were warned (by who I'm not sure yet) that their system was not secure and compliant with industry standards (PCI which is needed for credit card associated deals). Their PSN (PlayStation Network) was hacked and 2 million credit card details (apparently) were stolen and some say it has been up for auction. But the best bit was that Sony actually blamed Anonymous in court, Anonymous has denied it in a most recent press statement.
3) RSA - One of the only companies who after their data breach managed to keep it on the low down. There company was breached but they rapidly informed customers that their SecurID has been breached and to be careful. They then as rapidly while keeping it quiet fixed everything and thus kept the extent safe and themselves safe on the whole (as far as I know off).
4) OpenID - They were not attacked per se but apparently an exploit was found in the software/coding that allowed people to essentially prove verification without the need for the password. And this is big why? Well as it goes a lot of big sites like Google, Yahoo, Flickr,etc use this software for people to authenticate for ease.
There have been a few more but for now this is pretty good. I am going to be at ITWeb's Security Summit tomorrow so expect some updates and news and maybe more.