Hacked smartphone raises concerns
Hacked smartphone raises concerns

Paris Hilton hack highlights security failure

Service providers not doing enough to protect data, says Gartner

Written by Robert Jaques

vnunet.com, 01 Mar 2005

The recent Paris Hilton incident, when hackers stole addresses and phone numbers from the celebrity's smartphone, highlights a wider failure to secure consumers' personal information, Gartner has warned.

Avivah Litan, vice president and research director at the analyst, said that the hack, which resulted in the contact details of stars including Anna Kournikova being posted onto multiple internet sites, shows that service providers and regulators, including those outside the banking and credit card industries, need to do more to safeguard sensitive customer data.

Advertisement

The warning comes after the security breach on 22 February, when a T-Mobile spokesperson confirmed that someone accessed and stole phone numbers, personal notes and photographs stored on Hilton's Sidekick II smartphone.

According to Gartner, the data was compromised in one of two ways: someone hacked into the server at T-Mobile where the data resided; or someone stole her password either offline or online through phishing or keystroke-logging malware.

"Whatever the method, this incident confirms Gartner's belief that service providers need to take an holistic view of combating fraud and break-ins. They must erect as many walls as possible, using a multi-channel, cross-silo system approach," said Litan.

In order to better safeguard customer information, service providers should encrypt data, implement strict systems that manage access to this data and extend data protection methods used for credit card account information to all sensitive information.

The analyst firm noted that data encryption, network segmentation and data access management processes are all requirements under the Visa and MasterCard payment card industry standard for companies that handle cardholder data, as T-Mobile does.

Gartner also believes that regulators should impose penalties and fines on service providers that do not safeguard sensitive customer data.

"While there are some basic steps that consumers can take to protect their data, such as not sharing passwords, customers should not be held accountable for breaches and hacks beyond their control," said Litan. "The guardians of the data have to take steps to protect consumers and other customers."

Tags:

Comments

Have your say on this article

White papers

Related jobs

More Accounting jobs

Most read

Most commented

Special Reports

Latest

Spotlight

The year ahead: doom, gloom and the future

IT has been a year of unprecendented turmoil – so...

Top 30 Accounting Networks and Associations 2008

The race to become the biggest firm on the planet...

Barack Obama Accountancy Age cover October 2008

Obama: asset or liability?

What an Obama presidency could mean for you

Find your next job

Find your next job
Salary Checker

Job of the week

More finance jobs

Newsletters

Sign up here for the very latest news delivered to your inbox. Choose from the following options:

Your next job

Have your say

THE BIG QUESTION: TAX CUTS
Will proposed tax cuts help to stimulate the economy?
Yes
No

Advertisement

Search white papers

Search white papers

Advertisement