Micheal, While I am certainly no expert with ISP's, computers and the such
(actually I'm more of a complete idiot with these things) what I have been
doing ever since going online is I have a credit card with a $500.00 limit.
The credit card company keeps trying to raise my limit because they say I'm
"a prefered customer and have such good credit with them" yaddah yaddah
yaddah.....But anyway the point is that I only use this account for internet
and mail order type stuff, this way if somehow security is compromised I'm
only out $500.00. Just a suggestion and glad to hear you weren't taken to
receivership. Regards Craig Bentley
-----Original Message-----
From: Michael D. Porter <mdporter@rt66.com>
To: triumphs@autox.team.net <triumphs@autox.team.net>
Date: Monday, August 10, 1998 4:34 AM
Subject: A cautionary tale...
>
>Although the following is not strictly LBC-related, it is related to
>your access to this mailing list.
>
>My mail access died early Friday morning. No explanation was immediately
>forthcoming. I tried to connect off and on for a couple of days, without
>success. I called the provider's tech support Saturday evening, and
>received a message that the mail service, interactive login service and
>server web site were down, and that the company was working on it.
>
>Early Sunday morning, a few messages got through, and I figured the
>glitch was gone. No big deal. Mid-Sunday, though, there was still no
>service. Not only was mail sporadic, but outgoing mail was impossible.
>
>Typical Internet problems, you might think, as did I. I went to work for
>a while, came back Sunday evening, and found this message waiting for
>me:
>
>"Some of our customer data was compromised early Friday morning, Aug. 7,
>1998,
>and that data included your credit card number. Please notify your
>credit card
>company, and if need be, cancel your credit card. The cause of the
>compromise
>and this theft has not yet been determined.
>
>"*** is working with the authorities and credit card companies in
>investigating
>this matter. We apologize for the inconvenience and thank you for being
>a loyal
>*** customer."
>
>These people violated the basic tenet of C2-level security. That level
>strongly suggests that sensitive data be stored on machines without any
>means of automatic connectivity. In other words, standalone devices with
>physical and password security.
>
>If you gain access to the Internet through a small provider who bills
>your credit card monthly, you might find it in your interest to pass
>this message on to your provider, along with the admonishment that
>unless they can, in detail, describe to you the level of security
>provided for your personal and credit card data, you will expect monthly
>paper billing, or you will find another local provider with better
>security.
>
>I was lucky. I called the credit card company and found there were no
>new billings in the past three days, and had my accounts transferred to
>another number. However, it took my provider three days to notify me;
>had another day, or two, passed, I could have been in receivership,
>given the credit limit on that card. Keep in mind that access was
>provided on the basis of giving the provider my credit card number for
>monthly billing--I was not given the option of monthly paper billing.
>Such an arrangement is for the convenience of the provider--it reduces
>their costs.
>
>Just something to ponder, folks.
>
>Cheers, All.
>
>--
>My other Triumph runs, but....
|