Wired's blog just noted that Bryan Sartin, director of investigative response for Verizon Business, is saying the backbone of bank security – the PIN – is broken by hackers.
In fact, he reckons, its' been blown apart.
"We're seeing entirely new attacks that a year ago were thought to be
only academically possible," says Sartin. "What we
see now is people going right to the source … and stealing the
encrypted PIN blocks and using complex ways to un-encrypt the PIN
Grab a copy of Verizon's full report, and take note of their headline:
"285 Million Records: (2008) A Great Year for Data Thieves"
"Our forensics team analyzed thousands of data points from
investigations around the world – including many never publicly
reported – and found that in 2008 alone, more than 285 million records
were compromised. That’s more than the previous four years combined.
"The 2009 Verizon Business Data Breach Investigations Report offers an
objective view of these data breaches, including analysis that we
believe will be helpful to the planning and security efforts of our
"Here are just a few of our findings:
- 91% of all compromised records were attributed to organized criminal groups
- 99.6% of records were compromised from servers and applications
- 74% resulted from external sources
- 69% were discovered by a 3rd party
- 67% were aided by significant errors
- 32% implicated business partners"