Home > Features > Mounting Breaches: Are You Paying Enough Attention to Internet Security? • Bookmark   • Newsletters   • Register Search Options

FEATURE

Mounting Breaches: Are You Paying Enough Attention to Internet Security?

Mounting Breaches: Are You Paying Enough Attention to Internet Security?

December 20, 2014
Text size: 
View in Digital Mag
Get XBIZ News
XBIZ Research
Will virtual reality boost the paysite market?
Yes, it will soon
  40.56%
Yes, but in a few years
  37.06%
No
  22.38%
Out of 143 votes. Results based on votes submitted by members of XBIZ.net social network.

" Porn.com, purchased in 2007 for $9.5 million, was recently hijacked by an unknown third party, making it the largest domain hijacking in recent memory. "

For those of you who haven’t been paying attention to the news, there is an epidemic in the online world and it’s getting worse. Last month JPMorgan Chase announced that 76 million households were affected by a recent security breach in which many individuals had their personal information stolen by hackers. To put things in perspective, JPMorgan Chase has 65.8 million open accounts including 30.1 million checking accounts. It’s the second largest mortgage originator in the U.S., and the third largest auto-lender not owned by a car manufacturer.

According to the Identify Theft Resource Center, there have been 579 data breaches this year, a 27.5 percent increase over the same period last year. In addition to JPMorgan Chase, reportedly, Target, P.F. Chang’s, Jimmy John’s, Neiman Marcus, Michaels and Sally Beauty Supply have all recently fallen victim to massive hacks and data theft.

Millions of pieces of data including names, birthdates, addresses, telephone numbers, drivers license numbers, credit card numbers and more are now in the hands of individuals with bad intentions. This sensitive data is being traded, sold and utilized unbeknownst to individuals all over the world.

Sadly, the media doesn’t find all data breaches juicy enough to make the headlines, but in addition to the banking, restaurant and retail sectors, it’s been a horrible year for data breaches in education, and critical infrastructure. In the education arena, the Universities of Maryland, Wisconsin and Iowa State University all fell victim to massive security failures. In those cases, social security numbers, credit card numbers, health records and intellectual property produced by research departments were exposed according to Stephen Boyer, co-founder and CTO of Bitsight.

If you are reading this article and still aren’t concerned, perhaps you didn’t hear that the U.S. Nuclear Regulatory Commission (NRC) reportedly sustained an email based hack recently as well (the third such event in recent years). The NRC is the regulator of the nation’s use of nuclear materials and commercial power plants.

In the healthcare arena, the North Carolina Department of Health and Human Services blamed a computer programming error for the mailing of more than 48,000 Medicaid cards for children to the wrong addresses; St. Joseph Health Systems (based in Texas) was hacked and 405,000 former and current patients, employees and employee beneficiaries were affected; Sutherland Healthcare Solutions in Los Angeles suffered a data breach affecting 338,700 California residents, which included social security numbers and medical diagnosis being compromised; and last but not least, Variable Annuity Life Insurance Co. had a thumb drive stolen that contained the sensitive data of 774,000 people that participate in the company’s insurance programs.

In the celebrity world, in the past few months, Jennifer Lawrence, Kate Upton, Jessica Brown Findlay, Amber Heard, Erin Heatherton, Gabrielle Union, Kirsten Dunst, Kaley Cuoco, Kim Kardashian, Nina Dobrev, Anna Kendrick, Cara Delevingne, Rihanna, Jenny McCarthy, Mary-Kate Olsen, Mena Suvari, Kelly Brook, Nick Hogan, Mary Winstead, Hope Solo, Becca Tobin and Teresa Palmer, amongst others, have all had their private and personal photos stolen. Many of the photos are sexually explicit and expose private moments that were never meant to be shared with the public.

In the domain arena, Porn.com, purchased in 2007 for $9.5 million, was recently hijacked by an unknown third party, making it the largest domain hijacking in recent memory.

Clearly there is a problem that is getting worse and probably isn’t going to slow down anytime soon. As the Internet and programming continues to evolve so do the hackers of the world. Make no mistake about it, despite their nefarious goals, hackers are educated, bright, creative and adaptive. Underestimating the abilities of today’s hackers is a mistake that appears to always prove costly.

In the U.S., there are laws in place that can be used to attempt to hold hackers criminally responsible but unfortunately investigations into many of the recent headline hackings have been slow and have led to dead ends. Hackers being located far outside of the U.S. have also contributed to the government’s ineffectiveness in dealing with the hacking problem.

  • The Computer Fraud and Abuse Act (CFAA) 18 U.S.C. Section 1030, makes it illegal for anyone to distribute computer code or place it in the stream of commerce if they intend to cause either damage or economic loss.
  • The Electronic Communications Privacy Act (ECPA) 18 U.S.C. Sections 2510-2521, 2701-2710, protects against the unlawful interceptions of any wire communications – whether it’s telephone or cell phone conversations, voicemail, email and other data sent over the wires.
  • The Economic Espionage Act (EEA) makes it a federal crime to take, download, receive, or possess trade secret information obtained without the owner’s authorization.
  • The Wire Fraud Act makes it illegal to use interstate wire communications systems, which ostensibly includes the internet, to commit a fraud to obtain money or property.
  • The National Property Act (NSPA) prohibits the transportation in interstate commerce of “any goods, wares, securities, or money” valued at $5,000 or more that are known to be stolen or fraudulently obtained. The NSPA has been used in computerized transfers of funds.
  • The Identity Theft and Assumption Deterrence Act (ITADA) 18 U.S.C. Section 1028(a)(7) criminalizes identity theft and allows courts to assess the losses suffered by individual consumers.

As a consumer and member of society, you need to be vigilant and responsible for what personal information that you share and what security measures you have in place to protect your sensitive information. Additionally, you need to be highly cautious about what electronic data you store on your electronic devices and share online.

I feel bad for all of the recent celebrities and non-celebrities that have had their most private and intimate moments shared with the world involuntarily; however, I also question the level of maturity, and decision-making of these same individuals.

Common sense should not be ignored and you need to be regularly changing your usernames, passwords, and checking your financial statements (credit card statements, bank statements, credit report etc.). I’d also recommend that you keep a list of anyone (including your banks, health care providers etc.) that you have provided any sensitive information to.

As business owners, now is the time to review all of your security protocols and ensure that you are using the best technology available to protect the sensitive information that your consumers are sharing. You need to be considering data encryption, email encryption, complex access credentials, IP access restrictions amongst the many technical options available. You should also find out all out the security protocols for all of your vendors such as your Internet service provider(s) and host(s). You may be doing everything that you can in terms of security but you need to carefully pick your vendors to ensure that your customer sensitive data is safe in their hands as well.

It’s also not all about technology, and as a business owner you need to be responsible in your hiring practices and ensuring that sensitive data can only be accessed by limited, trained and security cleared personnel. It’s no secret that many of the recent Internet security breaches have been inside jobs or were the result of employee negligence. As the employer, it is your ultimate responsibility to do everything that you can to protect your customers’ sensitive data.

It may cost you a few bucks but there are some incredible outside firms for hire that can review your existing security and assist you with identifying and resolving issues that you may not know exist. Additionally, more than ever, businesses are actually hiring former hackers to purposely attempt to infiltrate the businesses’ systems to locate vulnerabilities; this may be one of the best current methods available.

Don’t think that this can’t happen to you or your business; statistically speaking, it may have already happened to you and you aren’t even aware of it yet.

This article does not constitute legal advice and is provided for your information only and should not be relied upon in lieu of consultation with legal advisors in your own jurisdiction. It may not be current as the laws in this area change frequently. Transmission of the information contained in this article is not intended to create, and the receipt does not constitute, an attorney-client relationship between sender and receiver.

Corey Silverstein is the managing and founding member of the Law Offices of Corey D. Silverstein P.C. His practice focuses on representing all areas of the adult industry and his clientele includes hosting companies, affiliate programs, content producers, processing companies, website owners and performers, just to name a few. Silverstein can be reached by email at corey@myadultattorney.com. He also can be contacted by telephone at (248) 290-0655.


BUSINESS ANALYSIS

Manufacturers Take Action Against Counterfeit Sex Toys

The mainstreaming of pleasure products is proving to be a blessing and a curse for the sex toy industry. As the demand for pleasure products continues to grow, manufacturers are seeing an increase of counterfeiters... More »

Trends in Paysite Design, Content Delivery

Given the highly visual nature of adult entertainment, it is no surprise that many paysites have shown design-forward approaches — some skirting the bleeding edge, while others sought stability over... More »

Surviving Affiliates Seem to Be Thriving

Long a mainstay of traffic generation for adult website owners and monetization channel for tech savvy marketers, “sponsor programs” have delivered countless millions of dollars to affiliates... More »
XBIZ NEWSLETTERS
Stay informed of the latest industry developments. Get XBIZ newsletters delivered to your inbox. Subscribe today!
Enter email address:

* To manage existing subscriptions click here.






POPULAR PRODUCTS & SERVICES
Submit your press release to
multiple news outlets with 1 click.
Subscribe to RSS news feeds or
add free content to your website.
Access XBIZ news and articles
with your mobile device.
Subscribe to XBIZ World magazine, the industry's leading e-commerce trade publication, delivering in-depth coverage of the online, mobile and ancillary digital markets.

UPCOMING EVENTS

eroFame

Oct 05 - Oct 07
Hannover, Germany

EXXXOTICA Edison

Nov 04 - Nov 06
Edison, New Jersey

2016 Inked Awards

Nov 05 - Nov 05
Edison, New Jersey

XBIZ 2017

Jan 09 - Jan 13
Hollywood, CA
Everyday thousands of business professionals browse XBIZ's industry directory for quality products and services. Not listed yet? Your company could be losing potential new business. Submit your company today!
Use XBIZ RSS feeds to stay informed of the latest industry developments or as a content syndication tool for your website!