Most of you have read about the security issues that have confronted LexisNexis and ChoicePoint, and each day we learn more news about more systems and databases that have been or may have been compromised. Here’s a secret, “Google hacking” is easier. It’s a term used to describe the simple act of using publicly available search engines (no, not only Google) to find information that criminals and wrong-doers can use.
Several months ago, The Wall Street Journal reported that some security experts held a contest to demonstrate how good Google hacking can be—they limited contestants to using only Google’s search engine and in less than one hour they unearthed enough information to perpetrate financial fraud on about 25 million people—including useful combinations of names, birth dates, credit card and social security numbers. In one such experiment, a team of contestants found a directory of more than 70 million social security numbers—all belonging to individuals who are no longer alive.