[
Lists Home |
Date Index |
Thread Index
]
Barry Tauber wrote:
>> Sound like garden variety fraud with a high-tech component.
http://lists.jammed.com/ISN/2005/04/0021.html
There have been developments since the April 7 story referenced in that link
above.
According to more recent stories in Indian papers, employees used stolen
password and login information and worked with a bank executive and travel
agency to open bank accounts to receive the purloined funds. The local police
commissioner said this incident could be part of a bigger scheme and the company
(MphasiS) has said it is now conducting a complete audit.
It's also spurred a call for improved security procedures.
http://www.telegraphindia.com/1050419/asp/business/story_4632861.asp
"New Delhi, April 18: India, the US and the European Union are teaming up to
formulate a new set of cyber security guidelines."
Damage control? Several stories refer to call center employees but MphasiS is a
software and IT services contractor. An executive of the firm initially said its
security procedures were solid and the fault lay with customers disclosing
passwords. However, a more recent press release by MphasiS says:
"While there is no evidence so far of a breach or audit failure in the processes
employed by MphasiS and its client, in the light of this incident, we are
conducting full external audits on processes and compliance. We will implement
the required steps to further strengthen security and dissemination of
information to customers as to how they should protect their data."
The audit tells me they don't know whether someone hacked into databases, files
or documents.
That's happened in several recent cases: ChoicePoint, Bank of America,
LexisNexis, Polo Ralph Lauren, HSBC Holdings, Ameritrade and DSW stores.
======== Ken North ===========
www.WebServicesSummit.com
www.SQLSummit.com
www.GridSummit.com
|
