Who Are These People? Talvest Mutual Funds “Expert”

In an article referencing the Talvest Mutual Funds data breach from the Montreal Gazette, this was the quote…

Phil Levi, a local forensic and investigative accountant, says criminals typically act quickly in cases of identity theft, usually within 48 hours of obtaining the information.
“With these fraudsters, it’s hit and run.”

I’m sorry to be rude, but what the heck is this guy talking about?
According to this article, 470,000 people’s information was compromised.
I’ve NEVER seen a study which says that large databases of information become less valuable over time, or that criminals use the information right away. And I COMPLETELY disagree with this expert’s assessment.


Even if you wanted to, and had the means to, how could you use 470,000 people’s information at one shot without sending up red flags all over the place?
If I’m a criminal, and I steal a hard drive containing thousands of people’s information, I would NEVER use that information myself. I would find a way to make a quick buck by selling the database to an underground information broker. Total Time for finding a buyer, receiving payment, and sending database of information to complete transaction:
2-7 days.
That information broker (black market broker), is going to piecemeal that information out to try to obtain maximum value from it. 5,000 people’s information here, 10,000 people’s information there… total time for information to be broken up and sold to people who actually might use it?
10 days to 3 years… depending on the size and complexity of the database.
So I don’t know what this expert is talking about, but he’s definitely not reading the same stuff I am. What do you think? Can a database be hacked and this information used in 48 hours or less? Should people feel more safe knowing that this expert has assessed their risk to be minimal since his undocumented quote says that these kinds of fraudsters are only interested in hit and run?
Voice your comments below.

 

Tags: , , , , ,

One Response to “Who Are These People? Talvest Mutual Funds “Expert””

  1. Datasecurity Says:

    This is also the case with credit card data. In fact many attackers will sit on the data for 12-18 months in order to reduce the possibility of being identified with a common purchase point (CPP) designation.