Softbank theft of consumer data -information security, Computer Network Security

Example : Softbank – theft of consumer data for extortion

Softbank of Japan offers broadband Internet services across Japan through 2 subsidiaries – Yahoo! BB and Softbank BB. In the year 2004, the bank announced that the security of 4.5 million customer records which had been compromised: data from both subsidiaries had been illegally copied and disseminated. The leaked details included home phone numbers, customer names, addresses and email IDs, but did not involve passwords, access logs and credit card details.
Softbank became aware of problem only when they were approached by 2 groups of extortionists. The criminals produced genuine customer data and threatened that all of the data would be posted to Internet if they were not paid a large amount of money.

Japanese police made 3 arrests but suspected that there may have been connections to prearranged crime and the political far right. Astonishingly, the police concluded that there had in fact been 2 simultaneous, yet independent, extortion tries against Softbank, they masterminded by employees of the company. All of the people who were accused of extortion had been authorized to access the customer data; but it seemed that Softbank had inadequate procedures to protect against unwarranted copying and dissemination.

The bank immediately announced making strict policies of security, further restricting access to their systems and enforcing strict security on all of their subsidiaries. Profuse apologies were offered to affect the customers and ¥4 billion were paid in compensation. Further, Softbank BB’s president, Masayoshi Son, announced that other senior executives would take a 50 % pay cut for the next 6 months.

In this instance, the threat was to reduce the value of an organization by revealing information which should have been a well kept secret scarce within as well as scarce without. It cost company £20 million in compensation and affected the reputation of it.

Posted Date: 10/8/2012 4:33:52 AM | Location : United States

Related Discussions:- Softbank theft of consumer data -information security, Assignment Help, Ask Question on Softbank theft of consumer data -information security, Get Answer, Expert's Help, Softbank theft of consumer data -information security Discussions

Write discussion on Softbank theft of consumer data -information security
Your posts are moderated
Related Questions
Systems-Specific Policy (SysSP) SysSPs are codified as standards and procedures which are used when configuring or maintaining systems. Systems specific policies fall into 2 g

(a) An opponent is using RSA with the public key {e=53, n=77}. You intercept the ciphertext C=10. (All values on this problem, including the ciphertext and the cleartext, are nume

INTRODUCTION TO RISK MANAGEMENT Risk management is the procedure of identifying and controlling risks facing an organization. Risk management is the discipline which is employed

Question: a) Explain what you understand by the term brute force attack, giving an example of such an attack b) Briefly outline the concept of Caesar cipher and identify a

NSTISSC SECURITY MODEL The NSTISSC Security Model provides a detailed perspective on security. While the NSTISSC model covers the 3 dimensions of information security, it removes

ADDRESS MASKS To identify receiver, network apply address mask to receiver address and calculate to network address in routing table. It can use Boolean 'and' to calculate the

(a) Using the extended Euclidean algorithm, find the multiplicative inverse of 504 mod 67. (b) Decrypt the following ciphertext, which has been encrypted using Caesar cipher: