Anonymous

Explain How Encryption Might Have Helped Prevent Or Lessen The Effects Of Bibliofind Security Breach?

Daniel Pountney answered
In short, encryption could not have prevented the Bibliofind website being hacked but it could have rendered the data which the hacker found completely useless. Security would have still been breached but the effects would have been lessened to almost zero.

Bibliofind is an online business which links buyers and sellers of hard-to-find and out-of-print books. At the time of the security breach in question, it was based in Waltham, Massachusetts, and was a wholly owned subsidiary of Amazon.
In 2001 it was found that a hacker had broken into its servers and had, on repeated occasions, accessed customer records. These included customers' names, addresses and credit card numbers. The company was forced to close the website for several days while it removed customers' information from its servers. Around 98,000 customers were thought to have had their information accessed.
Encryption is the process of transforming readable information (such as those 98,000 customer names, addresses and credit card numbers) into unreadable data using an algorithm. Only those with the key to the cipher will be able to transform the data back into a readable format. This process is called decryption.
Encryption does not prevent hacking - prevention must be addressed with other security methods such as passwords. It can help though in that if a hacker is aware that a company uses encryption, they may be deterred from making the effort to hack it. If one company uses encryption and another doesn't, and the hacker knows which is which, they will be more inclined to attack the one which does not. In this way, encryption can help prevent a security breach.
While encryption cannot completely prevent hacking, it should still be an essential with any sensitive data. If the data taken from the Bibliofind servers had been encrypted, all the hacker would have been able to remove would be reams of meaningless junk. Without the key, they would not have been able to see the names, addresses and credit card numbers.
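
Added example, not part of the original answer: field-level encryption of a customer record with AES-256-GCM, showing what the stored row looks like to someone who copies the database and what happens when decryption is attempted without the key. The customer data, field names and function names are constructed for illustration, and the example assumes the key is held outside the database server (for instance in a KMS or HSM), since a key stored beside the data would be taken along with it.

```javascript
const crypto = require("node:crypto");

// Fields the answer names as exposed: name, address, credit card number.
const SENSITIVE = ["name", "address", "card"];

// Encrypt one field with AES-256-GCM. The record id is bound in as
// associated data so a ciphertext cannot be moved to another customer's row.
function encryptField(key, plaintext, recordId) {
  const iv = crypto.randomBytes(12); // fresh nonce per field, never reused
  const cipher = crypto.createCipheriv("aes-256-gcm", key, iv);
  cipher.setAAD(Buffer.from(String(recordId)));
  const ct = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), ct]).toString("base64");
}

function decryptField(key, blob, recordId) {
  const raw = Buffer.from(blob, "base64"); // layout: iv(12) | tag(16) | ciphertext
  const decipher = crypto.createDecipheriv("aes-256-gcm", key, raw.subarray(0, 12));
  decipher.setAAD(Buffer.from(String(recordId)));
  decipher.setAuthTag(raw.subarray(12, 28));
  // final() throws if the key, record id or ciphertext is wrong
  return Buffer.concat([decipher.update(raw.subarray(28)), decipher.final()]).toString("utf8");
}

// What gets written to the database: id in clear, sensitive fields sealed.
function sealRecord(key, record) {
  const row = { id: record.id };
  for (const f of SENSITIVE) row[f] = encryptField(key, record[f], record.id);
  return row;
}

function openRecord(key, row) {
  const record = { id: row.id };
  for (const f of SENSITIVE) record[f] = decryptField(key, row[f], row.id);
  return record;
}

// Constructed sample data; the card number is a well-known test value.
const customer = { id: 1001, name: "Jane Example", address: "1 Sample St, Waltham, MA", card: "4111111111111111" };
// Assumption: in production this key lives in a KMS or HSM, not on the database server.
const key = crypto.randomBytes(32);
const storedRow = sealRecord(key, customer);

console.log("row as stored (what a database thief reads):", storedRow);
console.log("with the key:", openRecord(key, storedRow));
try {
  openRecord(crypto.randomBytes(32), storedRow);
} catch (e) {
  console.log("without the key:", e.message);
}
```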
