EPISODE ONE

The following account of a data security breach is fictional, but the details describe the way security breaches do occur in the real world. It was written by an anonymus executive officer at a data security firm, and by Richard Gamble.

June 12, 2008, Bangalore, India: Rajiv Chandri rides his bicycle seven miles to the office where he works as a database administrator for an Indian firm that provides outsource services to multinational corporations and checks in with his badge at security checkpoint. He’s worried because his wife was recently laid off from her telemarketing job and the auto company has repossessed their car. Using his super-user credentials, he logs in to the CRN database for QualitiMart, a large U.S.-based retailer, to check on the status of daily backups. Then, just for the fun of it, he runs a “SELECT” query on the credit card table. Not surprisingly, the query returns hundreds of thousands of credit card transactions for QualitiMart stores. He logs off quickly and a little guiltily, but he’s not really worried because he knows that his actions aren’t being monitored.

 Download the full PDF