Friday, September 17, 2021

CITI Cyber-Breach: Just the Cost of Doing Business

CITI consultants finally revealed how simple the CITI break-in was. It was what is known as a “trivial hack” that yielded a compromise of over 200,000 private bank accounts.

Here’s an example – click this link which comes back to this story, and keep reading. If you clicked, you’ll see that the URL at the top of your browser now ends with ?account=1234567890. To break into a separate account, all the hacker had to do was change that 1234567890 to another account number. Such an attack is easy to script for a high yield, by the way. The vulnerability is so well known, it even has a name: it’s called a query string attack.

One of the CITI cybersecurity experts said “It would have been hard to prepare for this type of vulnerability.”

Nonsense. Every first-year programmer worth his/her salt learns how to guard against just such an attack.
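
The guard against this is a server-side ownership check: the account number in the URL is only honored if it belongs to the logged-in user. The sketch below is an added example, not code from CITI or from the original article; the account numbers, session ids and function names are constructed for illustration.

```python
from urllib.parse import parse_qs

# Constructed sample data: account numbers, owners and sessions are made up.
ACCOUNTS = {
    "1234567890": {"owner": "alice", "balance": "1,204.17"},
    "1234567891": {"owner": "bob", "balance": "88.02"},
}
SESSIONS = {"sess-alice": "alice", "sess-bob": "bob"}  # session id -> logged-in user


def _requested_account(query_string):
    """Pull the account number out of a query string such as '?account=1234567890'."""
    values = parse_qs(query_string.lstrip("?")).get("account", [])
    return values[0] if len(values) == 1 else None


def view_account_vulnerable(session_id, query_string):
    """Checks only that *someone* is logged in, then trusts the URL."""
    if session_id not in SESSIONS:
        return 401, None
    account = ACCOUNTS.get(_requested_account(query_string))
    return (200, account) if account else (404, None)


def view_account_guarded(session_id, query_string, audit_log):
    """Same lookup, plus the ownership check the vulnerable handler lacks."""
    user = SESSIONS.get(session_id)
    if user is None:
        return 401, None
    number = _requested_account(query_string)
    account = ACCOUNTS.get(number)
    # Answer "not found" for both missing and foreign accounts so the response
    # does not confirm which account numbers exist, and record the mismatch.
    if account is None or account["owner"] != user:
        audit_log.append((user, number))
        return 404, None
    return 200, account


if __name__ == "__main__":
    log = []
    print(view_account_vulnerable("sess-alice", "?account=1234567891"))  # bob's data
    print(view_account_guarded("sess-alice", "?account=1234567891", log), log)
```

The audit log entries give a monitoring team something to alert on: one session repeatedly requesting accounts it does not own.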

Unless you work for CITI. There, it doesn’t matter all that much. Sloppiness is OK and not all that relevant to corporate survival.

CITI has hired security consultants from https://www.sapphire.net/ who will have been preventing any breach that might affect the business.

Perhaps there is such a thing as “too big to fail.”

Ron Robinson (http://www.procinct.net)
Ron Robinson (Alhambra, CA) is founder of PROCINCT.net, a national internet platform that broke the party Voter Vault/PDI monopoly and delivered precinct walk lists in the 2010 election for over 16 million voters in wards in 20 US states. PROCINCT.net added Precinct Committeeman (PC) Strategy support in Dec of 2010 and is rapidly emerging as a premier online Precinct Strategy resource having worked directly with party and election officials in states to remove local obstacles to becoming a Precinct Committeeman. He is GOP Chair for the AD49 GOP Central Committee, a member of the Los Angeles County GOP Central Committee and a member of the LA GOP Technology Committee. Robinson worked as New Media Director for the John Colbert campaign for US Congress. He is an expert in social media and internet security and an outspoken advocate of precinct committee work, GOTV work, and transparency in party governance.

2 COMMENTS


    • I don’t have any answers for you on those issues, but can safely say that all the cost (including fines and PR damage) had been calculated in advance and the risk as a cost of doing business deemed acceptable.

      Except for little fish and lizards, of course; that would be deplorably risky and definitely unacceptable to confess at a shareholder meeting.
