11 charged with stealing card numbers from TJX

probe

The US DOJ has finally charged 11 people in connection with the theft of card numbers from TJX's computer systems. Big deal.

The first people going to jail should be the corporate IT people working for TJX who negligently allowed open WiFi networks at their retail outlets across the US to provide access to their retail POS transaction databases storing cardholder information. If these networks were secure and access was password protected, the 11 people charged would never have got access to the data.

.probe


http://www.networkworld.com/community/node/30741?hpg1=bn

Martyr

The first people going to jail should be the corporate IT people working for TJX who negligently allowed open WiFi networks

yep, this is the real problem, nobody in management is held accountable.

i mentioned before about a man in charge of hotel i.t support..a very well known hotel with branches throughout the world.(to say how many would give it away) he gets paid about 2000 euro per month, per site..not sure how many sites though, atleast 3-4

he was employed because the accountant knew someone in HR who got him the job, even though he's a total idiot.

the systems are all cracked editions of windows, unpatched and wide open..

online crime is a growing industry because of peoples stupidity..and the situation won't get better by employing nephews to handle i.t security or your brothers house-wife the HR dep.. :P

there are loads of companies like TJX..nothing ever changes.
they give jobs to muppets, just because they spent 3-4 years in college..what did they learn? nothing?

probe

Average Joe wrote: »

yep, this is the real problem, nobody in management is held accountable.

i mentioned before about a man in charge of hotel i.t support..a very well known hotel with branches throughout the world.(to say how many would give it away) he gets paid about 2000 euro per month, per site..not sure how many sites though, atleast 3-4

he was employed because the accountant knew someone in HR who got him the job, even though he's a total idiot.

the systems are all cracked editions of windows, unpatched and wide open..

online crime is a growing industry because of peoples stupidity..and the situation won't get better by employing nephews to handle i.t security or your brothers house-wife the HR dep.. :P

there are loads of companies like TJX..nothing ever changes.
they give jobs to muppets, just because they spent 3-4 years in college..what did they learn? nothing?

They need to go after the people at the top of the organisations that are careless about computer security - at whose doors ultimate responsibility lies. If there was a customer data loss at the ESB - put the Chief Executive in jail for a few years for not having these data properly encrypted in storage. Ditto for Eircom, Bord Gais, and the cable TV monopoly UPC. There must be an equivalent of a chief exec in government departments too - probably someone with a wonderfully dysfunctional title like "senior clerical administrative officer, grade V" or whatever.

After one or two example cases with jail sentences, these guys would be very quick to appoint competent systems people to take care of security, and fire the lazy idiots currently not doing their jobs!

.probe

Martyr

i agree, but the chief execs are probably friends with most of the high profile policiticans in the country, so doing time is out of the question..not because they shouldn't, just because jails were built for poor people, not the rich.