Important And Confidential Financial Information: Hacking The AIS (Essay Sample)
The sample deal with hacking the AISsource..
Hacking the AIS
A number of companies have had their database systems hacked and their information accessed without their authority. Hacking is a vice that is perpetuated by malicious individuals who have bad motives of accessing their important and confidential financial information. Examples of the companies whose their database systems have been hacked include Neiman Marcus, White Lodging Services Corporation, Sally Beauty Stores, P.F. Chang's Bistro and JP Morgan Chase just to name a few(Garget al, 2003). For the sake of this presentation we shall discuss the hacking of JP Morgan Chase, illustrating how its database system was hacked, the security measures taken and the implication of the hacking.
The level of responsibility of the company in terms of the effectiveness of the response to the security breach
JP Morgan Chase & Co. reported on 2nd October,2014 to the Securities and Exchange Commission (SEC) that its systems had compromised the security of approximately 7 million small businesses and 76 million households. The cyberattack compromised PII that included the names, phone numbers, addresses, email addresses and the internal information of the company relating to the users. There was however no evidence from the filling of the company that the account information and other details including users IDs and passwords, birth dates and social security numbers of the customers had been compromised. The company claimed that it had not identified any fraud relating to the hacking incident. It reassured its customers that if they reportedpromptly, then they would not be held liable for unauthorized activities that would arise on their accounts (Silver et al 2014).
JP Morgan Chase Company's systems were not very secure as the disclosure on the hacking prior to October 2 was so general. It was stated that the firm was regularly targeted by parties that were not authorized by use of viruses and malicious codes. There was also attempts to breach the firm's data and systems security resulting in unauthorized access to account data of the customers. Media reports indicated that the hackers accessed JP Morgan servers that stored all information about the customers sometimes in the mid-June 2014.
The company however learnt about this data breach in mid-August taking steps to stop further unauthorized access to its servers. During the time of the hacking, the United States Secret Service working with the FBI stated that they were doing investigation on the reported cyber attacks on financial institutions in the US. JP Morgan Company continued to insist that the hackers were not able to use the information they had accessed for fraudulent purposes. It acknowledged that the hackers obtained vital information but the company could not be able to monetize that information that the hackers stole. It was an irresponsibility on the part on JP Morgan Company because it was hiding the truth from the customers and also took the whole issue lightly instead of dealing with it (Silver et al 2014).
Third-party accounting system:The level of responsibility of the software provider to both the business and its clients.
The service provider has a responsibility of ensuring that both the business's and client's stake are secured. He should make sure that they are protected from the risks that come along as a result of system hacking. System hacking may be doneeither willingly or unwillingly. Organization stakeholders, competitors, and suppliers may consciously access (hack) the system with an intention of changing the information in the system. They intentionally hack the system accessing the information so as to get knowledge of future costs of the company and any other information with an aim of misrepresenting the true picture of the company.
It is very important that the IT department and the information security administration suppliers in the organizationwork as a team so that the risk of loss that may be caused by the system hacking may be prevented. Syst