The Register® — Biting the hand that feeds IT

Insurance giant coughs to malware-related data breach

jeremy

"year's free identity protection" 

which is worth er.... nothing atall really!!!

Eirik Iverson

Any Breach Found is Only Tip of Iceberg 

Pirate

So somebody finds malware on a PC known for stealing information and for possessing some sophistication for multiple attack vectors and remote controls. Determining what damage has been done is a staggering challenge. I opined on it some in this blog post below:

PC Malware Driven Security Breach Disclosures—A Case of Worms http://www.securitynowblog.com/endpoint_security/pc-malware-costly-security-breach-disclosures

Cheers,

Eirik

zerofool2005

Free for a year? 

Happy

Is that it?

The thing about this type of information. Compared to Card info. is it has a usefulness for a long time.

You name doesnt (really) change

Your DOB doesnt change.

You may move house. But that sort of information can be obtained.

All these infos can be used to perform REAL ID theft.

(I dont class card fraud as ID theft)

Ken Moorhouse

The firm is offering a year's free identity protection... 

>The firm is offering a year's free identity protection at no cost as a means of protecting its clients from potential harm.

http://www.aviva.co.uk/identity-theft-protection/

Call me a cynic, but I reckon they will be looking to make some easy money upon expiry of the "free" period by taking direct debit or credit card mandates from their victims up front.

Goat Jam

"Affected hardware" 

Gates Horns

Oh, really?

I'm sure they meant "hardware that the affected Windows software was running on" there

Anonymous Coward

Doesn't sound like a trojan to me 

Paris Hilton

A 'password stealing trojan' would work on external client computers connecting to Aviva's service, but from within Aviva. Sounds like a much more mundane human error data security breach where personal information was unwittingly leaked.

Or even a key-logger device.

A trojan is just not logical here - I don't buy it, and Aviva is being very vague and cagey about the precise nature of the breach.

Paris? Her video is the earliest known data security breach in humankind.