Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: "Hacker attacks won't hurt your company brand"
From: "Thor (Hammer of God)" <thor () hammerofgod com>
Date: Sat, 22 Jan 2011 17:30:48 +0000

Last I checked, TJX and Heartland were both still in business, and I don't think
any of their security teams ended up in jail or severely unemployed(*).
It's really hard to argue against those two data points.

'Nuff said.

Why would you want to argue for those data points in the first place?  After the breach, TJXs stock immediately dumped 
14% to its lowest value of the entire year.  It took ~6 months for it to stabilize around pre-breach trading.   I'm not 
sure what actually qualifies for a "Nuff said" closer here, but I think stock quotes are a pretty good candidate over 
position cycling.  

But to be specific, that isn't what Sweeny said anyway.  He said hacking effect on "brand identity" not "value."   That 
said, if he considers a 6 month stock recovery from a 14% drop a "little dip" then I'm envious of his portfolio (and is 
actually a point worth making to establish his reference).  How Shostack took that to mean that breaches don't have 
business consequences and that a Day of Reckoning is coming for those who say it does is something I just can't see, 
but I think it is safe to assume that his opinion is not based on owning TJX stock.


Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]