Ingram Micro Discloses Hacker Attack
Ingram Micro last week disclosed in a letter to former and current employees that the company detected unauthorized access to its computer systems containing names and personal identification such as Social Security numbers, national identification numbers, and passport numbers for U.S. employees and their beneficiaries of health care, life insurance, and 401(k) benefits.
The letter dated May 17 reveals that the computer distributor has no evidence of entry into specific personal-information databases, but wanted to alert employees whose stored information may have been compromised. The company declined to comment on exactly when the breach occurred, or why the letter took two weeks to arrive at a local address, because of an ongoing investigation by law enforcement.
At Wackenhut Corp., a service operator taking messages from concerned callers said Ingram Micro hired the security company two months ago to set up a confidential employee hot line to take calls. The security firm said the hot line is a requirement of the Sarbanes-Oxley Act and not a result of the security breach.
Taking precautionary measures, company officials recommended placing a fraud alert on credit files, and provided telephone numbers to Equifax, Experian, and Trans Union credit-reporting agencies.
But Ingram Micro isn't alone. Companies typically store employee and customer information in archived databases for seven or more years to accommodate Internal Revenue Service tax audits. As a result, companies need to do more to protect sensitive information, Gartner urged in a recently released study. The research firm suggested putting in place intrusion-prevention systems to block malicious actions. These intrusion-prevention systems need multiple algorithms to successfully keep out unauthorized access.
They also must provide blocking capabilities that include signature-based blocking of known attacks by moving beyond simple signature-based approaches, such as those used by antivirus and intrusion-detection systems, to at least support policy, behavior, and anomaly-based detection algorithms, Gartner suggested. These algorithms should operate at the application level in addition to standard, network-level firewall processing.
As intrusion-prevention systems mature, they will positively identify and block higher percentages of attacks than today's first-generation intrusion-prevention systems, Gartner said. However, the system will never be perfect, and it's always necessary to flag suspicious activity for further investigation by humans.
This story courtesy of Information Week.