According to a Times investigation, websites are posting sensitive personal information for criminals to access

A new investigation reveals it is easy for hackers to obtain sensitive personal information and for criminals to access bank records.

According to the Times investigation websites are posting account numbers, PINs, addresses and security codes so ID theft is only a click away.

Andrew Hewson, risk mitigation specialist at networking integrator Telindus, responded to the findings.

He said: ‘This investigation suggests that hackers are becoming more collaborative. No longer are they working in silos, but are now joining forces to piece together shreds of information from multiple sources to offer complete profiles to the highest bidder.’

“We are approaching the busiest time of the year for card transactions, and Christmas is the prime time for fraudsters.

Andrew Hewson, risk mitigation specialist at networking integrator Telindus

‘This investigation should sound alarm bells in financial institutions up and down the country. Historically, hackers were only able to access piecemeal data strands and cause limited damage. Today, they have discovered the power of collaboration. By pooling information with other hackers, they are starting to create a hacker’s CRM database, if you will, and have begun weaving these disparate data strands together. This team approach means that the cyber-criminal poses a more significant threat as they now have a rounded view of their target. We get taught in school that two heads are better than one… it seems the hacker has finally realised this!

‘The fact that the information is gathered from several sources provides investigators with a major headache, especially if a source is overseas. To combat this, the police and financial industry must work together. First we need a central e-crime unit that the public can contact to report cyber crime and identity theft rather than the local police station. This agency should have the power, supported by the financial industry, to insist that any security breaches are immediately closed. These measures should be enforced by a new set of regulations that will include any point of failure, even if it is overseas.

‘We are approaching the busiest time of the year for card transactions, and Christmas is the prime time for fraudsters. The Government and the financial industry must act now. This is not something for a government quango, it has to happen quickly.’