Network News

X My Profile
View More Activity

Guidance Software's Customer Database Compromised

Read Brian Krebs's latest story:  "Hackers Break Into Computer-Security Firm's Customer Database."

Here's the story lead:  "Guidance Software -- the leading provider of software used to diagnose hacker break-ins -- has itself been hacked, resulting in the exposure of financial and personal data connected to thousands of law enforcement officials and network-security professionals."  Continue reading.

By  |  December 20, 2005; 8:38 AM ET
Categories:  Fraud  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   StumbleUpon   Technorati   Google Buzz   Previous: Database Hack Exposes Police Financial Data
Next: Symantec Anti-Virus Vulnerability


Actually Guidance is not a security company per se. They build software that is used to forensically image hard drives of machines to assist with investigating the contents of those drives. This could be looking for evidence of hacking but it is used substantially more often in the investigation of individuals looking for the "smoking gun" evidence of criminal and civil activity - emails, documents, deleted files, and the like - memos that implicate the tobacco and drug companies, for example. Guidance failed to live up to well-known standards for protecting data behind their web applications where customers can purchase the software on-line. They violated the payment card industry's standards by keeping some card holder data that they needed to delete after authorization (the CVV number) and not encrypting the remaining card holder data they were allowed to keep (name, address, etc.). The up to $500k fine that Visa can levy against the card issuing bank is often passed on to offending merchant. Undoubtedly one or more of the 3000 individuals is a resident of California, New York, or one of the roughly 15 other states that have passed laws requiring public notification of a breach. The only thing remarkable about this story is that a company so closely related to security and law enforcement was so lax. With so many states, and the federal banking regulators, now requiring notification we can expect to be reading about these kinds of breaches for many more months.

Posted by: Roger Nebel | December 20, 2005 1:18 PM | Report abuse

Perhaps we need a new purchasing model where the customer "pushes" funds to a vendor rather than the vendor "pulling" money. The vendor wouldn't need all this personal financial information. We have the technology for instantaneous transactions so who needs the old "credit" system based on transaction delays. Develop an e-money system with a token or a smart card with a PIN. The goal is to eliminate these hackable databases.

Posted by: Bud | December 20, 2005 1:51 PM | Report abuse

Posted by: mako | March 27, 2006 4:27 PM | Report abuse

Goodsite-recpect!. challenge coinscollectible knivescollectible dollsantique lighterbullion coinsarabic coinsrare[URL=">rare-postcards[/URL][URL=">challenge coins[/URL][URL=">collectible knives[/URL][URL=">collectible dolls[/URL][URL=">antique lighter[/URL][URL=">bullion coins[/URL][URL=">arabic coins[/URL][URL=">rare[/URL]

Posted by: antique | March 28, 2006 10:42 AM | Report abuse


Posted by: Anonymous | March 28, 2006 4:43 PM | Report abuse


Posted by: Anonymous | March 28, 2006 7:06 PM | Report abuse

Goodsite-recpect! Webmaster recpect! Good phentermine

Posted by: phentermine | March 30, 2006 7:34 AM | Report abuse


Posted by: Anonymous | March 31, 2006 12:13 PM | Report abuse

Your site very interesting and useful. Myname-is-Jonn. I`m-a-docter! prostate massage

Posted by: Jonn | April 5, 2006 5:38 PM | Report abuse


Posted by: Anonymous | April 18, 2006 5:31 AM | Report abuse

Ilikeyoursite!)))[URL=]buy-phentermine-online[/URL]visit my home page! Webmaster - recpect!!!

Posted by: SilverDollar | April 20, 2006 3:30 PM | Report abuse


Posted by: Anonymous | May 5, 2006 11:34 AM | Report abuse


Posted by: Anonymous | May 5, 2006 4:22 PM | Report abuse


Posted by: Anonymous | May 6, 2006 12:15 AM | Report abuse

I just dont have much to say lately, but oh well. Today was a loss. My lifes been basically unremarkable today, but whatever.

Posted by: Htnaq | August 3, 2006 11:15 AM | Report abuse

My lifes been really dull these days. Not much on my mind lately. Today was a loss, but oh well. I havent been up to anything lately.

Posted by: Druvt | August 3, 2006 8:31 PM | Report abuse

Not much on my mind right now. I feel like a complete blank. Ive just been staying at home not getting anything done. Ive pretty much been doing nothing.

Posted by: Dsgje | August 4, 2006 4:39 AM | Report abuse

eiyqc dzmyxfa jxlf dywhpt puvdgzkl wzoc balzq

Posted by: iyxn avtozg | August 4, 2006 10:20 AM | Report abuse

Great guestbook! Wonderful artwork!

Posted by: Rbxmk | August 4, 2006 1:49 PM | Report abuse

My lifes been really dull these days. Not much on my mind lately. Today was a loss, but oh well. I havent been up to anything lately.

Posted by: Szfwa | August 4, 2006 6:44 PM | Report abuse

The comments to this entry are closed.

RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company