Reuters broke the news earlier this month that Internet giant VeriSign was repeatedly hacked during 2010. VeriSign does not believe the attacks breached the servers that support the firm's Domain Name System network, but at this point, has ruled nothing out.
Should that particular network be breached, it could be devastating for many of the world's websites, which would allow cybercriminals to redirect users attempting to visit those popular websites, as well as infect surfers with malware.
According to VeriSign's U.S. Securities and Exchange Commission filing, senior management at the company were not notified of the breach by their IT team until a year after the fact. The statement indicated that IT personnel had worked to implement "remedial measures designed to mitigate the attacks, and to detect and thwart similar additional attacks."
The statement also said that given the nature of such breaches, VeriSign officials are not positive that the actions taken were enough to prevent future attacks or the future loss of information.
Although it is commendable that VeriSign is not owning up to the breach and has, by all appearances, been open about the incident, many companies are not, often not telling the public or even those possibly affected about the breaches. Companies must strive to do better, and the federal government must step up and hold corporations accountable. Our personal and financial information is far too important to risk to save bruised egos.