Data Breaches: More About The Money Than Stealing Identities

Brian Krebs of the Washington Post recently ran a story on his “Security Fix” blog post that made a very insightful point: most data breaches involve the stealing of money, as opposed to stealing identities. As Krebs noted in his piece, a couple week ago, Downeast Energy & Building Supply sent a letter notifying at least 850 customers that the company had suffered a data breach. The company discovered that hackers had broken in and stolen more than $200,000 from the company’s online bank account. He also noted that this breach bears all the hallmarks of online thieves who have stolen millions from dozens of other organizations over the past several months. In every case, the thieves were motivated by money, not pilfering their victims’ customer databases.

As they say “money talks.” And, if the bad guys can pull off a massive breach and get immediate access to cash from a company, then they will do it. Seems they want to be efficient taking the extra step of stealing credit card information from customers.