Why do we worry about high-tech identity theft schemes and securing and encrypting websites when personal information lies in plain view on the web. Many Google-hackers still rely on a simple Google-cache to obtain personal information, left unattended in a spreadsheet on the web, indexed and made available to anyone to see.

A similar case in the University of Chicago is sure to prompt increased attention to plain-view personal information storage,

A third-year student in the College and web-developer—speaking under
condition of anonymity—was aimlessly looking through available files on
a UChicago server on November 12, 2004. He stumbled upon a folder from
the administration containing the personal and confidential information
of students enrolled in the University.

It appears that the student found Excel files containing undergraduate and graduate students’ immunization records. Then the student was able to open a spreadsheet containing grades from 2003 of all students, and the social security numbers of all students from 1990 to 2002. Talk about a golden mine for hackers.

[Via Chicago Maroon, IL -]

It just makes sense. If spyware/trojans are used to steal personal information, why wouldn’t they be used to steal corporate information and trade secrets? A big profile cyber-espionage case is raging in Israel where a suspect planted “Trojan Horse” spy software in the
computers of high-profile Israeli companies in a bid to sell privileged
information to competitors. It is not clear what are the names of the involved companies, but it appears that Israeli’s major corporations are involved.

How did this happen? Not very difficult - investigators were able easily to replicate the trojan attack:

The private investigators were able to commit the
crime by mostly employing two methods: providing companies with a
business offer on a disk containing the software, or sending a
contaminated e-mail message to the companies.

[Via Slashdot -]

 Next entries »