It's unclear whether the exposed data was encrypted or not
I think it's *very* clear. Like the data, in fact.
UK debt relief charity Christians Against Poverty has begun writing to supporters following a data breach that exposed personal details – including phone and bank account numbers, and banking sort codes. Unidentified hackers broke into the charity’s systems in late July. The intrusion was only detected a week later, as an …
Encryption at rest is hard. For most people it's ticking the "encrypt" box in EBS/NTFS/LVM but that doesn't really help in any situation except physical theft.
I'll best most of the supposedly IT literate Reg readership don't have all copies of their customer database encrypted.
Sadly, in common with many charity outfits, it's very possible that their "systems" were indeed Tony in the office's desktop computer and his spreadsheet. And the "sophisticated, illegal, external attack" was malware on an email attachment.
I can understand why a charity may not have the cash, or desire, to spend shedloads on security. But in that case they really should have the sense to not attempt to store bank details. Why wasn't that left to their bank?
Maybe we have to change the way we do business and by that I mean buy stuff.
I've noticed many times people on here use the term 'pre paid card', maybe that's the way forward!
Plan your purchases as you would normally do but over a secure system transfer just enough to buy what you want and no more and use that throw away card with no links to you.
This approach would curtail the debit/credit card scammers. Scumbags!
You can get cash cards that you can top up online. Some can even be topped up with Bitcoin.
So hold a portion of cash in Bitcoin in a cold wallet. When you need to spend some transfer some BTC to your card then spend immediately.
.The safety of your money is entirely up to you this way. Nothing is held online and nothing is held by a third party for longer than is necessary.
I know the value of BTC fluctuates in the short term but over longer periods it generally increases. More so than the interest you can get on a current account.
You don't have to be a "believer" or use it for the rest of your life. Just while you can take advantage of it.
>Christians Against Poverty
Ever notice the mega churches that draw the most people (at least in the US) are more about prosperity preaching (ie God wants me to be rich)? I guess that is how they are against poverty. Luckily I hope at least they are still a tiny minority.
These guys are definately not the "Prosperity Gospel" leeches, who I wouldn't piss upon if they were on fire. CAP id an organisation who's primary goal is to help people who have got themselves into a nasty mess of debt manage their finances and get out of debt. They are not perfect, some creditors do not like them at all, and are admittedly evangelical - if their assistance encourages a client to church they will be very happy bunnies indeed, but it is a side goal.
I *have* seen their help have a clear, direct and great affect on a peronal friend (who would still only be dragged into church for hatchings, matchings and dispatchings).
Disclaimer: I once went for a job there (in Bradford), and I know someone who works there.
Going on accounts from several of my friends who volunteer with CAP, it's a lot closer to the "ideal" of a Church (helping your neighbor) rather than the institution of "Church on Sunday".
I believe many CAP branches (possibly all, not an expert) are "hosted" by a local Church who support/lead the fundraising for the CAP branch, sometimes pay a "wage"/expenses to the main local CAP contact (was the case locally in the past, not currently), and many of the volunteers will be Church members (I think all local CAP staff are volunteers) but not necessarily the same Church.
More closely aligned to Robin Hood than Sherrif of Nottingham, which is why debt collectors dislike them :D
Biting the hand that feeds IT © 1998–2020