Results 1 to 5 of 5
  1. #1
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    United Kingdom: Bridlington

    Culprit or victim?

    Here is an interesting one to discuss?

    The idea is that it should be the entity who allowed its secure data to be compromised should foot the bill for the consequences, rather than the financial institution or customer thereof:


  2. #2
    The ******* Shadow dalek's Avatar
    Join Date
    Sep 2005
    I can agree with this....the banks charge exorbitant interest rates on the cards to begin with that
    Now, banks usually get stuck with credit-card fraud losses, which last year totaled more than $2 billion, the paper said.
    is a drop in the bucket compared to what they rake in, so yeah any institution who is being payed (bank fees/charges) to secure your information and loses it should be accountable.

    The reverse happens a lot, a winger of mine, went to the bank once (1978) and discovered there was an additional $10,000 cdn in his account (now he's an Ordinary seaman and no way does he make enough for this so he asked the teller to check it out, she did and it was okay, but being cautious he wanted a second opinion from the manager, and so he did and the manager said everything was above board, so out he went and straight to a bike shop and purchased a 650 Kowasaki...boom within a day the money was gone....yep 4 day's later he gets a call from the bank, they made an error and would like their money back, well my winger say's he made every attempt to certify this was his money and the bank can shove it. Well the bank unfortunately had the law on it's side (a lawyer told my winger if he had of gotten his bank statement initialed by the manager at the time he may have been able to beat it) and he was made to pay up, even though it was their fault to begin with, so I have no sympathy for banking institutions who are going to get nailed for losing confidential information.
    PC Registered user # 2,336,789,457...

    "When the water reaches the upper level, follow the rats."
    Claude Swanson

  3. #3
    Join Date
    Feb 2005
    Good news for security professionals and insurance companies but what a kick in the nuts to small business.

    In my experience small businesses lack even the most basic fundamental security measures. These companies will need to define policies and procedures along with performing regularly scheduled audits which means they have to hire or contract a security consultant. The insurance companies will be hiring security professionals to audit businesses before providing "cyber insurance" and suddenly a whole lot of money is directed towards eradicating a minimal risk.

    However the cost of an incident is high enough that the premiums will be to steep for many small businesses. This is going to put them in a sticky situation. How many small businesses will be able to afford consultants and insurance? *Catch22* How many of them can afford to go without? One incident could bankrupt the company.

    An great paper on cyber insurance. http://citebm.business.uiuc.edu/TWC%...0Insurance.pdf
    Last edited by stevel; February 23rd, 2007 at 04:11 PM.

  4. #4
    Junior Member
    Join Date
    Dec 2005

    Focus on the perp...

    I see a double-standard. Why is information being sought? To get money. I understand if a company, business, corporation, or any other entity is negligent they should be held liable. However, I believe the greater punishment should go against the individuals that committed the crime AND that it should be severe enough to help deter others. Make the punishments fit the crimes and apply them to the individuals justly convicted not the corporations. I am not talking about just the individuals that broker the information but also those that have purchased it.
    Personal opionion: Siezure of all assets, destroy thier credit rating, then send them off somewhere where they can make little rocks from big rocks for a very long, long, long time.
    Epithath: What lies here beneath is just the shell, just the nut is gone.

  5. #5
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    It is true that many banks do charge high fees on credit cards. The bank I work at is an exception. We are a community bank and deal mostly with consumers and small businesses. That is our niche, if you will. We don't have credit cards. We have debit cards with a visa logo, but they are tied to a checking account. Most of our income comes from loans. Not credit cards.

    We've had quite a few problems lately with data breaches. The TJMax one was huge. We had to setup monitoring of thousands of accounts, notify all of the affected customers, offer to cancel their debit cards, issue new cards and new pins, etc. We're pretty small compared to a lot of places that had millions of accounts affected.

    That is just one example. There are many more. In the case of TJMax, they should have to foot the bill because it was so massive. However, if it some little mom and pop store and only a small number of people were affected... then the bank can continue to eat it. Banks EXPECT loss due to fraud. They have to raise their rates and fees in order to keep up with the rising fraud.

    Dalek: Your friend knew that it was not his money. Otherwise he would not have talked to a branch manager about it. Even if the branch manager is an idiot, (like that one seemed to be) your friend still knew that money wasn't his. You're right about the law... it was on the banks side. He broke the law by spending money that wasn't his. No matter how much you wish it wasn't true.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

Similar Threads

  1. NMAP Scanning and PortSentry Evasion
    By Striek in forum The Security Tutorials Forum
    Replies: 10
    Last Post: January 17th, 2006, 03:07 AM
  2. Classic Social Engineering Attacks
    By Striek in forum The Security Tutorials Forum
    Replies: 10
    Last Post: December 16th, 2003, 08:30 PM
  3. Hacking victim killed a young student...
    By -DaRK-RaiDeR- in forum Miscellaneous Security Discussions
    Replies: 30
    Last Post: May 13th, 2003, 03:24 PM
  4. Tutorial: Layer 2 switching attacks and Mitigation
    By Networker in forum The Security Tutorials Forum
    Replies: 0
    Last Post: December 18th, 2002, 04:35 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts