Interesting things we found around the web:
- Target speaks up about holiday data breach, more affected than previously thought (CNBC)
Previous figures estimated that data for over 40 million credit cards were stolen. The actual figure is nearly double that:
Target disclosed on Friday that a mass information breach involved data belonging to up to 70 million individuals —a number far more extensive than originally believed.
The big box retailer said that a probe into the hacking of customers’ personal data found that stolen information—separate from payment information already reported—included names, mailing addresses, phone numbers or email addresses for tens of millions. The new figure was significantly higher than the 40 million the company initially reported.
- On a related note, Houston startup Epic One is working on a new credit card that could thwart Target-esque breaches (Forbes)
When a shopper uses an Epic One card, his fingerprint scan on the card generates a green light on top that signals to the merchant it’s okay to swipe the card. Then the transaction is relayed to the card’s issuing bank and to Epic One. The only data Target sees is your Epic One card number plus the one-time use code. Even if someone hacks into the credit card processing system subsequently, the Epic One card number will not work a second time because the thief can’t generate a valid code to use it.
- Hackers are raiding ATMs in Europe with malware-infected USB drives (BBC)
To activate the code at the time of their choosing the thieves typed in a 12-digit code that launched a special interface.
Analysis of software installed onto four of the affected machines demonstrated that it displayed the amount of money available in each denomination of note and presented a series of menu options on the ATM’s screen to release each kind.
- The Internet of Things can do more than remotely preheat your oven – it has the potential to overhaul Customer Service and Support, too (CMS Wire)
Wouldn’t it be great if, when a car gets an engine light, the trouble code plus relevant information could be sent directly to a service center for evaluation? The service center would know just how serious it is without the owner having to bring it in and have an auto technician connect it to a computer just to get the same information at the shop. Remote access of diagnostic information will make for more effective service. Ford Motor Company is working toward this with open diagnostic protocols and their latest Sync software.
- Remote diagnostics can have their drawbacks, though, such as telling Ford when and where drivers break the law (Business Insider)
Farley was trying to describe how much data Ford has on its customers, and illustrate the fact that the company uses very little of it in order to avoid raising privacy concerns: “We know everyone who breaks the law, we know when you’re doing it. We have GPS in your car, so we know what you’re doing. By the way, we don’t supply that data to anyone,” he told attendees.
- While Smart Devices evolve, security remains stagnant (CIO)
Why? Schneier blames both consumers and manufacturers, but mostly manufacturers. “Security is very hard to get right,” he wrote. “It takes expertise, and it takes time. Most companies don’t care because most customers buying security systems and smart appliances don’t know enough to care.”
Perhaps, at least so far, they have not been given reason enough to care either. While there have been impressive, and disturbing, demonstrations of how easily a skilled hacker can take control of home automation systems, including heat, air conditioning and door locks, there has so far not been any major consumer panic over those risks.
- The aforementioned articles are concerning, because cars have an increasing amount of electronic control units that are likely ill-equipped to prevent tampering (Auto Express)
Modern cars have a number of electronic control units (ECUs), which not only control infotainment services, but also the operation of the engine, transmission and safety features such as stability control and anti-lock brakes.
If someone can hack into the connectivity system, they then have access to all the car’s other ECUs because there is currently no physical or electronic barrier between them.
Find any cool IT links this week? Tell us in the comments or Tweet us @NetopTech!