
Insurance firm Staysure fined £175,000 for 'unbelievable' credit card hack

From Computerworld UK

"The ICO has handed online insurance firm Staysure.co.uk a stinging £175,000 fine after chaotic security practices allowed hackers to steal details of 100,000 credit card numbers from the firm's database, several thousand of which experienced fraud.

The ICO's investigation notes read like a case study in the way that an accumulation of smaller mistakes and poor processes can lead over time to major security problems.

The compromise itself happened between 14 and 28 October 2013, during which time attackers were able to place the malicious Javascript ‘JSPSpy’ back door on the firm’s website that made it possible to control the site and query the customer database sitting behind it.

The software vulnerability that made the attack possible turned out to be an old one in the JBoss Application Server that had been patched as far back as 2010. Incredibly, the firm had no defined process for applying security updates and so this one was missed."

Read more at Computerworld UK


NCC Weekly News Update 5 March 2015

 
