A report for the newsarticle written on 9 May 2016 published by the BBC (British BroadcastingCorporation) “Kiddicare customer data stolen from ‘test’ website”.Kiddicare a British parenting retailer that trades online andknown for selling pushchairs, car seats and more suffered from malicioushacking and warned that about 794, 000 customers have been affected. The databreach exposed personal information of its customers including names, emailaddresses, telephone numbers and delivery addresses. The company emphasizedthat no payment details have been compromised as Kiddicare does not process orstore credit card information. The company became aware of the data breachafter customers who received suspicious text messages from a website claimingto be a subsidiary of Kiddicare.
com reported the matter to the company. Thehackers sent the text message to a small number of customers to take part in anonline survey.Areas of information towhich it relates.As described by Trend Micro, data breach is an incident whereconfidential information is stolen from a system without the knowledge orauthorisation of the organisation or individual that owns the information ordata. Data breach is common to both small and large organisations. Stolen datafrom Kiddcare test site included customer names, email addresses, phone numbersand shipping addresses.
Companies that suffers data breach mostly suffers from bad reputationdue to a perceived betrayal of trust. Companies and individuals sufferfinancial and reputation losses due to data breaches. This is common iffinancial records are compromised rather than just personal name and phonenumbers and so on. Kiddicare emphasised that they do not store or processcredit card information therefor no customer financial data was compromised.
Inthis situation the risk of reputation or financial loss is minimum.Malicious hacking or malware attacks are the root causes of databreach in most cases. A good example is Kiddicare data breaching which was as aresult of hacking. In the case of Kiddcare the breach was attributed to hackingof test website that was used in November 2015 according to information thatwas provided by a security company.Phishing canbe described as a form of social engineering in which fraudsters uses emails,phone or malicious websites to trick Internet users into submitting personalconfidential information by posing as a trustworthy individual or organisation.Malicious hackers use phishing to obtain personal information which they willuse to defraud unsuspecting people. According to Graham Cluley on his twitter account(May 9, 2016), “One clear risk is that Kiddcare customers might be contacted byfraudsters pretending to be the baby specialist retailer, in an attempt totrick unsuspecting consumers into handing over payment information”.Phishingis one of the most used forms of identity theft, it isimportant for customers or internet users to become familiar with various typesof phishing scams that are used by attackers as well as to learn how to guardagainst them.
Why this is an issue of note