Massive German banking data leak reported


Warnings appeared this weekend of an enormous data breach in Germany.

According to media reports, the accounts of 21 million German bank account holders are being offered for sale on the black market by a hacking gang.

In the course of the investigation for Wirtschaftswoche magazine, the two reporters say they were able to get hold of a CD ROM containing the names, addresses, and bank account numbers of 1.2 million people, although they had been offered data on 21 million people if they met the criminals' demand of 12 million euros.

It isn't yet apparent how the criminals got their paws on the data, or where it originated - but the fact that such a large number of individuals' personal data are on sale on the black market will send a shiver down the spine of many.

Incidents like this wouldn't be possible if there were tougher data security laws, enforcing the use of encryption and user authentication solutions. In addition, businesses should log and monitor how data is used and moved inside their organisation to get greater visibility of potential problem areas.

Time and time again we are reporting stories of major organisations who have been left with egg on their face after a data breach, and it's left to the public to pick up the pieces.


About the author

Graham Cluley is senior technology consultant at Sophos. The readers of Computer Weekly voted him security blogger of the year in 2009 and 2010, and he pipped Stephen Fry to the title of "Twitter user of the year" too. Which was nice. He was also named "Best Security Blogger" by the readers of SC Magazine in 2011.