Softbank theft of consumer data -information security, Computer Network Security

Example : Softbank – theft of consumer data for extortion

Softbank of Japan offers broadband Internet services across Japan through 2 subsidiaries – Yahoo! BB and Softbank BB. In the year 2004, the bank announced that the security of 4.5 million customer records which had been compromised: data from both subsidiaries had been illegally copied and disseminated. The leaked details included home phone numbers, customer names, addresses and email IDs, but did not involve passwords, access logs and credit card details.
Softbank became aware of problem only when they were approached by 2 groups of extortionists. The criminals produced genuine customer data and threatened that all of the data would be posted to Internet if they were not paid a large amount of money.

Japanese police made 3 arrests but suspected that there may have been connections to prearranged crime and the political far right. Astonishingly, the police concluded that there had in fact been 2 simultaneous, yet independent, extortion tries against Softbank, they masterminded by employees of the company. All of the people who were accused of extortion had been authorized to access the customer data; but it seemed that Softbank had inadequate procedures to protect against unwarranted copying and dissemination.

The bank immediately announced making strict policies of security, further restricting access to their systems and enforcing strict security on all of their subsidiaries. Profuse apologies were offered to affect the customers and ¥4 billion were paid in compensation. Further, Softbank BB’s president, Masayoshi Son, announced that other senior executives would take a 50 % pay cut for the next 6 months.

In this instance, the threat was to reduce the value of an organization by revealing information which should have been a well kept secret scarce within as well as scarce without. It cost company £20 million in compensation and affected the reputation of it.

Posted Date: 10/8/2012 4:33:52 AM | Location : United States







Related Discussions:- Softbank theft of consumer data -information security, Assignment Help, Ask Question on Softbank theft of consumer data -information security, Get Answer, Expert's Help, Softbank theft of consumer data -information security Discussions

Write discussion on Softbank theft of consumer data -information security
Your posts are moderated
Related Questions
A Certificate presents an organization in an official digital form. This is same to an electronic identity card which serves the purpose of Identifying the owner of the certificate

Da t a compre s sion and the trans p ort s e rvices,   The main purpose of the transport layer is to provide services which are efficient, reliable and cost-effecti

Spambot Detection: The  previous studies in this field  have focused on content and meta-content based features.  The main assumption in this area of spam detection of late is

what are the participant of marketing channal?

Question 1: Why do we need a Law of Contract? a Explanation Reasons to have a law of contract b Explain the close procurement project process - Explanation (causes,

Enterprise Information Security Policy (EISP) EISP also known as security policy directly supports the mission of the organization and sets the strategic direction, scope, and t

Question 1: (a) (i) Radio waves are subject to several propagation problems. Name any three of them. (ii) A Wi-Fi receiver requires a signal power of 50mW to operate correc

Elements of Cryptosystems Cryptosystems is characteristically made up of algorithms, data handling techniques, and procedures which are combined in multiple ways to ensure confi

NSTISSC SECURITY MODEL The NSTISSC Security Model provides a detailed perspective on security. While the NSTISSC model covers the 3 dimensions of information security, it removes

Secure Socket Layer (SSL) accepts a combination of asymmetric and symmetric (public-key) encryption to accomplish integrity, confidentiality, authentication and non-repudiation for