Insurance giant coughs to malware-related data breach The US arm of insurance giant Aviva has blamed a computer virus infection for the potential disclosure of sensitive personal information. Aviva (Norwich Union, before a recent rebranding) admitted the breach in a letter to the Attorney General of New Hampshire, one of several states that maintain strict information security …
So somebody finds malware on a PC known for stealing information and for possessing some sophistication for multiple attack vectors and remote controls. Determining what damage has been done is a staggering challenge. I opined on it some in this blog post below:
PC Malware Driven Security Breach Disclosures—A Case of Worms http://www.securitynowblog.com/endpoint_security/pc-malware-costly-security-breach-disclosures
Cheers,
Eirik
Is that it?
The thing about this type of information. Compared to Card info. is it has a usefulness for a long time.
You name doesnt (really) change
Your DOB doesnt change.
You may move house. But that sort of information can be obtained.
All these infos can be used to perform REAL ID theft.
(I dont class card fraud as ID theft)
This post has been deleted by its author
A 'password stealing trojan' would work on external client computers connecting to Aviva's service, but from within Aviva. Sounds like a much more mundane human error data security breach where personal information was unwittingly leaked.
Or even a key-logger device.
A trojan is just not logical here - I don't buy it, and Aviva is being very vague and cagey about the precise nature of the breach.
Paris? Her video is the earliest known data security breach in humankind.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
