February 22nd, 2007, 05:25 PM
Culprit or victim?
Here is an interesting one to discuss?
The idea is that it should be the entity who allowed its secure data to be compromised should foot the bill for the consequences, rather than the financial institution or customer thereof:
February 22nd, 2007, 08:50 PM
I can agree with this....the banks charge exorbitant interest rates on the cards to begin with that
is a drop in the bucket compared to what they rake in, so yeah any institution who is being payed (bank fees/charges) to secure your information and loses it should be accountable.
Now, banks usually get stuck with credit-card fraud losses, which last year totaled more than $2 billion, the paper said.
The reverse happens a lot, a winger of mine, went to the bank once (1978) and discovered there was an additional $10,000 cdn in his account (now he's an Ordinary seaman and no way does he make enough for this so he asked the teller to check it out, she did and it was okay, but being cautious he wanted a second opinion from the manager, and so he did and the manager said everything was above board, so out he went and straight to a bike shop and purchased a 650 Kowasaki...boom within a day the money was gone....yep 4 day's later he gets a call from the bank, they made an error and would like their money back, well my winger say's he made every attempt to certify this was his money and the bank can shove it. Well the bank unfortunately had the law on it's side (a lawyer told my winger if he had of gotten his bank statement initialed by the manager at the time he may have been able to beat it) and he was made to pay up, even though it was their fault to begin with, so I have no sympathy for banking institutions who are going to get nailed for losing confidential information.
PC Registered user # 2,336,789,457...
"When the water reaches the upper level, follow the rats."
February 23rd, 2007, 03:22 PM
Good news for security professionals and insurance companies but what a kick in the nuts to small business.
In my experience small businesses lack even the most basic fundamental security measures. These companies will need to define policies and procedures along with performing regularly scheduled audits which means they have to hire or contract a security consultant. The insurance companies will be hiring security professionals to audit businesses before providing "cyber insurance" and suddenly a whole lot of money is directed towards eradicating a minimal risk.
However the cost of an incident is high enough that the premiums will be to steep for many small businesses. This is going to put them in a sticky situation. How many small businesses will be able to afford consultants and insurance? *Catch22* How many of them can afford to go without? One incident could bankrupt the company.
An great paper on cyber insurance. http://citebm.business.uiuc.edu/TWC%...0Insurance.pdf
Last edited by stevel; February 23rd, 2007 at 04:11 PM.
February 23rd, 2007, 03:50 PM
Focus on the perp...
I see a double-standard. Why is information being sought? To get money. I understand if a company, business, corporation, or any other entity is negligent they should be held liable. However, I believe the greater punishment should go against the individuals that committed the crime AND that it should be severe enough to help deter others. Make the punishments fit the crimes and apply them to the individuals justly convicted not the corporations. I am not talking about just the individuals that broker the information but also those that have purchased it.
Personal opionion: Siezure of all assets, destroy thier credit rating, then send them off somewhere where they can make little rocks from big rocks for a very long, long, long time.
Epithath: What lies here beneath is just the shell, just the nut is gone.
February 23rd, 2007, 10:18 PM
It is true that many banks do charge high fees on credit cards. The bank I work at is an exception. We are a community bank and deal mostly with consumers and small businesses. That is our niche, if you will. We don't have credit cards. We have debit cards with a visa logo, but they are tied to a checking account. Most of our income comes from loans. Not credit cards.
We've had quite a few problems lately with data breaches. The TJMax one was huge. We had to setup monitoring of thousands of accounts, notify all of the affected customers, offer to cancel their debit cards, issue new cards and new pins, etc. We're pretty small compared to a lot of places that had millions of accounts affected.
That is just one example. There are many more. In the case of TJMax, they should have to foot the bill because it was so massive. However, if it some little mom and pop store and only a small number of people were affected... then the bank can continue to eat it. Banks EXPECT loss due to fraud. They have to raise their rates and fees in order to keep up with the rising fraud.
Dalek: Your friend knew that it was not his money. Otherwise he would not have talked to a branch manager about it. Even if the branch manager is an idiot, (like that one seemed to be) your friend still knew that money wasn't his. You're right about the law... it was on the banks side. He broke the law by spending money that wasn't his. No matter how much you wish it wasn't true.
is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
By Striek in forum The Security Tutorials Forum
Last Post: January 17th, 2006, 03:07 AM
By Striek in forum The Security Tutorials Forum
Last Post: December 16th, 2003, 08:30 PM
By -DaRK-RaiDeR- in forum Miscellaneous Security Discussions
Last Post: May 13th, 2003, 03:24 PM
By Networker in forum The Security Tutorials Forum
Last Post: December 18th, 2002, 04:35 PM