Home Depot Blames Windows for Their Massive Security Hack

Discussion in 'Surface Forum Site News' started by dgstorm, Nov 10, 2014.

  1. dgstorm

    dgstorm Editor in Chief Staff Member

    Joined:
    Jun 19, 2012
    Messages:
    717
    Likes Received:
    164
    Trophy Points:
    43
    [​IMG]

    In case you missed it, Home Depot is the latest company to be embroiled in a massive hacking scandal like the Target fiasco from last year. Just a few weeks ago, Home Depot revealed that their database was breached by hackers resulting in the theft of over 56 million credit cards and over 53 million emails.

    They recently came out blaming an executive's Windows machine for the data breach, and the company quickly purchased a bunch of MacBooks and iPhones for their executives to "fix" the issue. Here's a quote with more of the details,

    Perhaps their security protocols may be more to blame than the particular OS on the hacked device. What do you think?
     
  2. Donald King

    Donald King Member

    Joined:
    Oct 16, 2014
    Messages:
    37
    Likes Received:
    8
    Trophy Points:
    8
    Location:
    South FL
    I have managed IT security for a few organizations - and absolutely yes I can tell you their protocols are to blame. Windows does certainly have some security flaws - but good IT security practice can overcome those flaws. And guess what? Every platform has potential security flaws. Anyone who says their chosen platform does not is just a fan boy.....
     
    MrElectrifyer and enthuz like this.
  3. GreyFox7

    GreyFox7 Super Moderator Staff Member

    Joined:
    Jul 27, 2014
    Messages:
    6,342
    Likes Received:
    1,279
    Trophy Points:
    113
    Indeed, they are victims of their own procedures and lax policies. No doubt Executives were exempt from the same policies governing the rest of the employees, leaving them vulnerable and ripe for picking. none of the recent massive leaks and hacks were not totally preventable had they followed known established security practices. These incidents should stand as a wakeup call although Id bet most are saying it wont happen to me.
     
    Donald King likes this.
  4. leeshor

    leeshor Well-Known Member

    Joined:
    Jun 19, 2012
    Messages:
    5,071
    Likes Received:
    877
    Trophy Points:
    113
    Location:
    Norcross, GA
    My Device:
    SPro4
    Totally the fault of the Executive, not Windows.

    I could probably, with some questions and sleuthing tell you where he went wrong.
     
    annabanana likes this.
  5. Donald King

    Donald King Member

    Joined:
    Oct 16, 2014
    Messages:
    37
    Likes Received:
    8
    Trophy Points:
    8
    Location:
    South FL
    True. One major problem is that a good portion of IT Execs think that if they put in a firewall, push out Windows updates regularly, and enforce an AV product on the systems, then they are protected. Most people in IT know better. Good IT security goes far beyond technology.
     
    leeshor likes this.
  6. MrElectrifyer

    MrElectrifyer Member

    Joined:
    Aug 24, 2014
    Messages:
    29
    Likes Received:
    5
    Trophy Points:
    8
    Location:
    World Wide Powerstation
    My Device:
    SPro2
    How did the malware get installed in the first place? That is the question. If it came through the network, then that's definitely a problem in Windows that needs addressing.

    If it came by e-mail or any other social engineering trick, then the real threat is between the chair and the keyboard, and switching to any other platform ain't gonna fix that...
     
    Donald King likes this.
  7. Donald King

    Donald King Member

    Joined:
    Oct 16, 2014
    Messages:
    37
    Likes Received:
    8
    Trophy Points:
    8
    Location:
    South FL
    User training is a lot of it, but yes you are correct in that all systems are vulnerable. I have a couple of hackers on my security team and believe me they can get into anything they want. Fortunately they use their powers for good :). I have learned over the years that it is not a question of will we be breached, it is a question of when will we be breached, and what are we going to do about it. The truly fatal flaw in Home Depot's practices is that they got breached and didn't know about it for weeks or months. Think of it this way - if Home Depot had issued a statement back when the breach happened - like within a day or two - it would have been much less of a story and they would have caught favor with the public for being open and honest. All they had to do was catch it, plug it, then come out and let people know right away. Honesty goes a long way. Instead, they now look like they are either incompetent or like they tried to hide it - both are equally bad of course.
     
    MrElectrifyer likes this.
  8. sharpuser

    sharpuser Super Moderator Staff Member

    Joined:
    Aug 20, 2013
    Messages:
    2,852
    Likes Received:
    1,030
    Trophy Points:
    113
    Location:
    Pacific Northwest & China
    My Device:
    Surface Book
    I don't blame my car for bringing me to a bad day at the office.

    Or my shoes.
     
  9. TeknoBlast

    TeknoBlast Active Member

    Joined:
    Oct 16, 2012
    Messages:
    763
    Likes Received:
    134
    Trophy Points:
    43
    Location:
    Irving, TX
    LOL, That's the funniest thing I read. Blaming an OS for their incompetence. Now they want someone else to be the bad guy and they spent tons of money on unless hardware for business. Such a weak way to shift the blame on someone else.

    I've worked for a large oil services company, a bank, a bankruptcy firm, and now a software company...and never in all those years we had a breach because of Windows....and that was working with Windows NT back in the day.

    So weak.
     
  10. GreyFox7

    GreyFox7 Super Moderator Staff Member

    Joined:
    Jul 27, 2014
    Messages:
    6,342
    Likes Received:
    1,279
    Trophy Points:
    113
    A bad workman always blames his tools!
     
  11. annabanana

    annabanana Active Member

    Joined:
    Jul 12, 2014
    Messages:
    167
    Likes Received:
    48
    Trophy Points:
    28
    Location:
    at the beach
    My Device:
    SPro3
    If they think Macs and iOS are secure and without security flaws, they haven't been reading the tech news the last couple of weeks.
     
  12. goodintentions

    goodintentions Active Member

    Joined:
    Jun 20, 2012
    Messages:
    386
    Likes Received:
    78
    Trophy Points:
    28
    Haha, blaming the tools for their failure.
     

Share This Page

Search tags for this page

how preventable was the home depot hack