if you read the ariticle it states, the escrow company computer was infected and the hacker obtained the user id and password… now, did the escrow company have a firewall up? information was gotten from their computer not the bank’s.. if you have saved your passwords online, it’s not the bank’s fault. so i hope that you have money from that other loan to protect…
questions:
1) why was not your own computer protected?
2) did you have insurance for any losses?
3) why did you or possibly did you leave your computer with passwords stored?
4) why can’t it be your fault? it truly sounds like you did not protect your assets.
now, if i had escrow w/this company i would be suing, because it might have failed to make the proper payment to the lh and the insurance. i would want heads to roll and make them responsible for bad conduct, missappropriations of money because they failed to secure my money.
Interesting. I’m sure the argument can be flipped too — how come the bank didn’t cross check the IP address? If the account holder always logged in from the same computer ID and IP address, and a hacker using a Chinese IP was able to log in using the stolen credentials, then couldn’t the claim be made that the bank failed to adequately secure the network?
Google does this — if someone from a foreign IP attempts to log in to your Gmail you will get notification from Google that for example someone in China attempted to log into your account and to change all passwords immediately.
The article also fails to say how the money was transfered. Was a transfer permitted which should have been at least scrutinized if not blocked altogether? Should safeguards have been in place that werent?
This is a timely story since we are just this week reading the news about the european banks attempting to censor a Columbia University master’s dissertation detailing security vulnerabilities in card & pin purchase systems.
Never assume your assets are safe! Manage your risk accordingly. Online risk cannot be ignored. Guard your routing and account numbers. Use different passwords for different sites. Make sure your security questions for password resets aren’t too easy. Use complex passwords — at least 8-10 characters, uppercase, lowercase, numbers and symbols. Don’t use words from the dictionary. ***If any of your online accounts can be accessed / reset by using your email address, then make sure your email account password is extremely strong and update it regularly!***
Also be very careful with RFID-enabled cell phones and RFID-chipped credit cards. Someone can be standing behind you w/ an RFID reader in a briefcase and they can get your card number, expiration date, name, and CV2 security code — no joke!
People have no idea how insecure all these technologies are…. They trust everything WAYYYYY too much!
We have updated our privacy policy to be more clear and meet the new requirements of the GDPR. By continuing to use our site, you accept our revised Privacy Policy.
if you read the ariticle it states, the escrow company computer was infected and the hacker obtained the user id and password… now, did the escrow company have a firewall up? information was gotten from their computer not the bank’s.. if you have saved your passwords online, it’s not the bank’s fault. so i hope that you have money from that other loan to protect…
questions:
1) why was not your own computer protected?
2) did you have insurance for any losses?
3) why did you or possibly did you leave your computer with passwords stored?
4) why can’t it be your fault? it truly sounds like you did not protect your assets.
now, if i had escrow w/this company i would be suing, because it might have failed to make the proper payment to the lh and the insurance. i would want heads to roll and make them responsible for bad conduct, missappropriations of money because they failed to secure my money.
Interesting. I’m sure the argument can be flipped too — how come the bank didn’t cross check the IP address? If the account holder always logged in from the same computer ID and IP address, and a hacker using a Chinese IP was able to log in using the stolen credentials, then couldn’t the claim be made that the bank failed to adequately secure the network?
Google does this — if someone from a foreign IP attempts to log in to your Gmail you will get notification from Google that for example someone in China attempted to log into your account and to change all passwords immediately.
The article also fails to say how the money was transfered. Was a transfer permitted which should have been at least scrutinized if not blocked altogether? Should safeguards have been in place that werent?
This is a timely story since we are just this week reading the news about the european banks attempting to censor a Columbia University master’s dissertation detailing security vulnerabilities in card & pin purchase systems.
Never assume your assets are safe! Manage your risk accordingly. Online risk cannot be ignored. Guard your routing and account numbers. Use different passwords for different sites. Make sure your security questions for password resets aren’t too easy. Use complex passwords — at least 8-10 characters, uppercase, lowercase, numbers and symbols. Don’t use words from the dictionary. ***If any of your online accounts can be accessed / reset by using your email address, then make sure your email account password is extremely strong and update it regularly!***
Also be very careful with RFID-enabled cell phones and RFID-chipped credit cards. Someone can be standing behind you w/ an RFID reader in a briefcase and they can get your card number, expiration date, name, and CV2 security code — no joke!
People have no idea how insecure all these technologies are…. They trust everything WAYYYYY too much!