We have written here before about Cyber Security Wake-Up Calls. Now here is a huge wake up call for citizens in California. Brian Krebs, the investigative journalist famous for revealing the Target credit card breach late last year, has revealed another compromised credit card system at the California Department of Motor Vehicles. According to his blog KrebsonSecurity, MasterCard issued a private alert to nearby banks in March that a data breach existed at the DMV from August to December – on a credit card system that annually processes more than ten million credit card transactions. The DMV will not confirm the theft but admits to “seeking information regarding any potential breach.” The agency joins the growing list of institutions breached in 2014 – a group that includes the Internal Revenue Service and the University of Maryland, College Park.
The ballooning rates of cyber crime in the United States reflect the capabilities gap between hackers and cyber defense. Integrating information technology has permeated most American social spheres and economic sectors, with cyber security struggling to keep up.
Following the target breach, Congressmen have introduced several bills requiring companies to notify the federal government and affected individuals of data breaches. Attorney General Eric Holder supports the legislation – Congressional action could standardize breach responses and more appropriately guide the actions of national companies.
But cyber security guru Adam Levin thinks legislation regarding breach disclosure misses the point; “in the absence of laws or regulations forcing all companies to protect your data (and your money) better, companies simply aren’t going to lose enough money in a data breach to “justify” the costs of better security.” Without tougher financial penalties, the data breaches at the California DMV and Target will prove just a taste of cyber crime to come.