Send the link below via email or IMCopy
Present to your audienceStart remote presentation
- Invited audience members will follow you as you navigate and present
- People invited to a presentation do not need a Prezi account
- This link expires 10 minutes after you close the presentation
- A maximum of 30 users can follow your presentation
- Learn more about this feature in our knowledge base article
Copy of Ecommerce Risks Case Studies
Transcript of Copy of Ecommerce Risks Case Studies
Ecommerce Risks Case Studies (Intro)
This presentation will show a couple of examples of companies using Ecommerce being hacked.
We will be discussing:
The Companies that have security risks
Consequences of the incidents that occurred due to security risks
How to prevent the security risks
What companies lost due to the incidents
Case Study 1 - Sony
On April 26, 2011 Sony Playstation announced its network and Qriocity had both been compromised by hackers between April 17 and April 19 allowing access to 70 million user accounts.
The trespassers got it all: users names, addresses, birth dates, email addresses, passwords, logins, handles, profile data, purchase/billing history, and password security answers. The company also admitted credit card information "may" have been compromised.
Playstation have lost around $171 million due to the hacking in 2011
Precaution: Online services get stronger encryption, more firewalls, and an early detection system to try to prevent future attacks; users are required to update gaming console's firmware and password before going online.
Case Study 2 - Stratfor
It was reported on December 24, 2011 that members of ANONYMOUS had stolen email messages and credit card data from Stratfor's website (a global intellgence company).
The hackers claimed to have retrieved the company's client list and used stolen credit card information to make donations to various charities exceeding one million dollars.
The hackers claimed to have also retrieved over 200 gigabytes of data and stated that Stratfor was "clueless...when it comes to database security". The passwords were in plain text, and many of the passwords were simply the name of the company.
The group initially posted two sets of stolen credit card data, one containing 3,956 items and the other 13,191 items. Next, they posted a set of over 30,000 items.
The main thing to say about the precautions that stratfor could of taken is that they could of made their password more complicated rather than have them as plain text.
Case Study 3 - Microsoft
A blog by Microsoft has been hacked by the Syrian Electronic Army after two Twitter accounts and another blog were attacked by the same group. A warning was tweeted out by the group shortly before the attack. They said to Microsoft: "Changing the information will not help your employees from us." Microsoft said that the accounts had been "reset" which they had to do since personal information of staff employees had been tweeted out by the hackers.
Precautions: Microsoft could work with twitter in order to keep information private and users could have to add extra detail for security