The website for the Washington State court system has been hacked and up to 160,000 Social Security numbers and a million driver's license numbers may have been accessed, officials said on Thursday.
The disclosure, which follows a number of major hacking incidents in recent years that have targeted a range of companies from Twitter to Apple Inc, raises concerns that the information accessed could be used to commit financial fraud.
The breach was discovered in February, and officials at first believed no confidential information had been leaked even though a large amount of data was downloaded from the website, the Washington State Administrative Office of the Courts said.
But officials later determined that 94 Social Security numbers were definitely obtained by the person or group that committed the security breach, while 160,000 Social Security numbers and a million driver's license numbers may have been accessed.
~ from Washington State System Hacked, Data of Thousands at Risk by Elaine Porterfield ~
Every time I hear someone extol the benefits of cloud computing, I shudder a bit. It's one thing to use Blogger to host this blog because there isn't any sensitive data here, but it is another thing altogether to upload Social Security and credit card numbers. Even though this news article isn't necessarily about cloud computing, it does highlight the dangers.
I don't think that a cyber criminal syndicate sits around trying to strategize ways specifically to hack into my computer. I don't think one criminal says to another, "If I could hack into Trey Smith's computer, it would represent my crowning achievement in life." The same cannot be said for efforts to hack into corporate or governmental websites. Such sites tend to possess a treasure trove of valuable data that can be easily manipulated for nefarious purposes.
And that is why, with few exceptions, I don't store any pertinent data online. When I pay bills or make purchases online, I enter my debit card numbers manually. When given the option to have the numbers retained by the site, I pass. Yes, it is less convenient, but I'd rather be a bit inconvenienced than to allow a company to store the information and then later find out that their system has been hacked and the data has been stolen!