German bank data theft a wake up call, say security experts

Germany's biggest breach of banking details is a wake-up...

Germany's biggest breach of banking details is a wake-up call to all organisations handling personal data, say security experts.

At the weekend a German economic magazine reported that cybercriminals were offering 21 million bank account details for sale at around £10m.

Journalists from the magazine WirtschaftsWoche claim to have received a sample CD containing 1.2 million bank account details after posing as buyers.

The sample CD contained details such as names, addresses, phone numbers, dates of birth and bank account numbers.

The data is believed to have been collected from call centre employees, the magazine said.

Graham Cluley, senior technology consultant, at IT security firm Sophos said all companies need to pay proper attention to restricting access to data.

"If this can happen in Germany, it could happen in the UK too," Graham Cluley said.

Not enough organisations are taking appropriate steps to ensure sensitive data is secure, said Cluley.

This kind of targeted data theft is a much bigger concern than when data is lost accidentally, said Guy Bunker, chief scientist at security firm Symantec.

When CDs containing data are lost, it will not necessarily be exploited because not everyone would know how to do that, Guy Bunker said.

When data is stolen, said Bunker, it is usually channelled through the distribution network of the underground economy and it is much more likely to be used to commit other crimes.

All data loss remains a concern, he said, because although inadvertent losses may not lead to other crimes, it will damage the reputation of companies to look after data properly and that could lead to customers going elsewhere.



Enjoy the benefits of CW+ membership, learn more and join.

Read more on Hackers and cybercrime prevention

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.