Dow Jones latest to be hacked; up to 3,500 customers exposed

So far there is no evidence that any information was actually stolen

Financial trends and news by Steven Loeb
October 9, 2015
Short URL: http://vator.tv/n/409a

Here we go again. The cycle of high profile hackings continues, despite all efforts to stop this from happening. You really have to ask yourself at this point, can anything really be done to end these stories?

On Friday, publishing and financial information firm Dow Jones revealed in a letter to its customers that it is the latest company to have a major security breach. Dow Jones is a unit of News Corp and the owner of publications that include The Wall Street Journal, Dow Jones Newswires, Factiva, Barron’s, MarketWatch and Financial News.

The company says that there was unauthorized access to its systems at certain times for nearly three years, between August 2012 and July 2015, before anyone noticed. So far it has been determined that the payment card and contact information for no more than than 3,500 individuals may have been accessed during the incident.

There is so good news: while it appears the goal was to obtain customer contact information such as names, addresses, email addresses and phone numbers in order to send fraudulent solicitations, as of now the company has not discovered any direct evidence that information was stolen.

"Protecting our customers’ information is of the utmost importance to us. Out of an abundance of caution, we are notifying you that we recently determined there was unauthorized access to our systems," William Lewis, Chief Executive Officer of Dow Jones and Publisher of The Wall Street Journal, wrote.

While we recognize that no company is immune to cyberattacks, we are committed to doing everything we can to protect our customers."

He also said that the company is going to be "taking additional steps to further fortify our systems," without mentioning what exactly that means.

Dow Jones will be sending a letter in the mail to those who may have been affected with more information about the support it will be offering.

In addition, Dow Jones also did the now standard "we take responsibility for not providing security, but don't forget that you're also to blame" thing, where it gives tips to users on how to protect themselves, including not clicking on suspicious emails or attachments, and using security software.

I mean, yeah, protecting yourself is always a good thing but those kind of warnings also sort of smack of victim blaming to me.

In terms of size and scope, this hack is miniscule compared to come of the others we've seen in recent years.

Target's leak, for example was said to have affected 70 million customers who shopped there, as well as up to potentially 40 million credit cards. When Michael's was hacked it put 3 million cards at risk.

The Home Depot breach was said to have affected up to 56 million cards and approximately 53 million email addresses.

With those incidents, plus the ones on companies Dairy Queen, Kmart, Sony Pictures, Skype and Ashley Madison, not to mention iCloud and the freaking U.S. government, you'd think that more measures would be taken to protect data.

Yet not enough is being done. A study out from mobile app security and analytics company Bluebox last month, which focused specifically on travel apps,  found gaping security holes for apps in mobile security.

So until we actually decide to do something to really fix these problems, I will continue to write stories like this.

(Image source: technollama.co.uk)