Safeguard your credit data
Recent thefts provide a reminder that cyberspace is not always secure
Updated: 08/25/08 6:54 AM
Technology has allowed society to accomplish much more than probably ever imagined, and in a shorter time, but with that convenience comes a price. Part of that price was evident recently, with reports of the theft and sale of more than 41 million credit and debit card numbers.
In what is believed to be the largest hacking case ever prosecuted by the Justice Department, 11 suspects were charged with conspiracy, computer intrusion, fraud and identity theft. The news is another reminder of a new set of 21st century pitfalls.
The allegation of wrongdoing says the 11 hacked into the wireless computer networks of the TJX Cos., BJ’s Wholesale Club, OfficeMax, Boston Market, Dave & Buster’s restaurants, Barnes & Noble, Sports Authority, Forever 21 and DSW shoe stores with programs that captured card numbers, passwords and account information.
It was all done by something called “wardriving,” which involves driving through areas with a laptop searching for accessible wireless Internet signals, and then tapping into those systems to install “sniffer programs” that capture credit and debit card numbers as they move through a retailer’s processing networks.
Perhaps the worst part of this is that nothing can be done to prevent it from happening again. Members of the international stolen credit and debit card ring, which included some U. S. citizens, were locked up — but you can’t lock up a technique.
The financial community is heavily regulated to protect consumers’ data, which is encrypted by law and industry agreement. No one shortcuts that process, according to the Center for Democracy and Technology. But the crooks found a way to insert a data sniffer into the system so that by the time cards were swiped and the information was released from the point-of-sale device, the information already had been snagged.
The industry will devise a solution. But in what amounts to a digital arms race, criminals will figure out a way around it. The Center for Democracy and Technology advises consumers that, as more and more of their lives are processed online, they must take more responsibility as they are handing over personal and financial information. For example, when typing in a credit card number, make sure the web page is secured, as indicated in the url as https — the “s” standing for “secure.” Do not use financial or personal information while using a wireless network. Someone could be sitting two tables over at that convenient cafe with a program that is sniffing the keyboard and stealing information right out of the air.
Convenience has a price. In this case, it can be a loss of security. Retailers and financial institutions will fight that loss, for their own interests. Consumers should too.
