Dell Computer Security Breach vs. Cathay Pacific's

v=DMARC1; p=none; rua=mailto:dmarc-dell-rua@dell.com; ruf=mailto:dmarc-dell-ruf@dell.com

The good news: Dell security personnel identified the breach the same day it happened. Two thumbs up. The bad news: Dell is NOT enforcing DMARC enforcement (see the p=none), which means anybody could send email purporting to be from Dell and not get caught. I'd like to be a fly on the wall as the forensics team investigates just how the breach happened.

This, however, doesn't have nearly the bad news implied in the Cathay Pacific Breach. They, too, do not enforce DMARC. The major Hong Kong airline, however, TOOK NEARLY SIX MONTHS to notify the public of the suspicious activity they noticed in March and the actual hacker access in May.

Semi kudos to Dell. A big two thumbs down for Cathay Pacific. It's questionable whether or not the Dell hackers got any customer data. Cathay Pacific, on the other fist, lost data on 9.4 million people.

Comments

Popular Posts