Quote:
Originally Posted by Golfguy
Well if it's ransomware it means someone has control of their servers. That means they have control of ALL info. So if they keep credit card info on file, it's in there. I don't believe they encrypt passwords, so there's that too. If you use the same passwords for important things such as credit cards, banking, etc., you might want to make some changes. I know some are joking on this thread, but this is serious. ALL of SA customers (auction houses) have been compromised.
|
Up until recently - Ransomware HAS NOT also attempted to steal the data. Best "guesstimates" currently put it at a 1 in 10 chance that the attackers are interested in stealing data.
I m involved with Information Security as a profession and in my experience - the attackers are really only interested in getting paid (usually thru Bitcoin as it is almost impossible to trace). Additionally, In almost ALL cases - once the payment is made the victim WILL receive instructions on how to recover their data.
In my opinion - there are many more $$ and much less chance of getting caught by doing what they do best - extorting cash from their victims.
https://blog.emsisoft.com/en/36569/t...an-one-in-ten/
A well designed security posture can nearly eliminate Ransomware Breach but can get quite expensive and smaller companies struggle with trying to provide adequate security against ALL Internet perils.