Containing a Breach Can Backfire
A cybersecurity vendor for one of Mexico’s largest banks sent a cease-and-desist letter to a cybercrime forum, saying that an auction on the site for data stolen from the bank – data for 10 million customers – was fake news and was harming the bank’s reputation.
So what did the website’s administrator do? Not what the security vendor hoped, that is for sure.
The administrator bought the data and published all of it for free. How did that work out for the bank?
The site had no reason to think the data was fake, since the person posting the offer had been active on the site for a couple of years and had posted other data for sale.
But the cybersecurity firm probably should stick to security and not play pretend-lawyer.
The firm also sent DMCA takedown notices against the site.
As a result of all of this, the bank now needs to worry that all 10 million customers are at risk, and it gets to deal with that. The bank says that it was not hacked and that the data is old.
Okay, whether the data is old or not is not terribly relevant. Is it yours? If it is yours and you weren’t hacked, how did data on 10 million of your customers escape your control?
Underestimating your adversaries is never a good thing – just saying.
Credit: Brian Krebs