Leakage of personal data of users occur because of a weak protection system, or because of unscrupulous Bank employee, said in an interview with RIA Novosti in the framework of the Moscow international forum “Open innovations” CEO and founder of Group-IB, specializing in the prevention of cyber-attacks, Ilya Sachkov.
One of the most resonant cases of leakage databases in recent time was the incident reported in October Sberbank. The Bank became aware of the possible leakage accounts for credit cards, which has affected at least 200 customers. Then the investigation revealed that the employee of the savings Bank sold one of the groups in the informal Internet 5 thousand accounts on Bank cards. A substantial number of them are outdated and inactive, clients ‘ funds are not lost, said the Bank.
Sachkov noted that the specialists of the Central Bank for six months found 13 thousand ads about buying and selling personal data, but only 1.5 thousand of them — is the base of credit and financial institutions.
“The cause of all leaks is quite simple: or external hacking of the system that are not well protected, or internal leaks through the insider — in other words, dishonest employee, who out of greed or revenge sells service database attackers,” – said the expert.
“It should be clearly understood that the magnitude of the leak are sometimes greatly exaggerated, but the leaks are “probes” or a combination of legacy data collected from different sources. Such data sets do not allow the scammer to steal money from accounts or cards, but can be used for vishing, and social engineering tactics,” said he. Voice phishing is the luring of sensitive information by fraudsters on the phone, posing as, for example, employees of the Bank, for the further theft of funds.
Moscow international forum for innovative development “Open innovations” held on 21-23 October at the innovation center “SKOLKOVO”. RIA Novosti media group “Russia today” is the official news Agency of the forum.
Read the full interview by Ilya Sachkov >>