[Owasp-leaders] IRS hacked, well not 'technically' speaking says IRS

johanna curiel curiel johanna.curiel at owasp.org
Wed May 27 01:05:57 UTC 2015

IRS has been hacked

But they mentioned that "The IRS data theft differs in that it did not
involve a computer hack. Criminals used information they had gathered about
individuals to access the system as it was designed to be used, the IRS
Koskinen said the attackers *must have had a significant amount of
information already about the taxpayers*."

If the system is way to dependable on Knowledge Authentication, no wonder
social engineering is the perfect for this case, let called this 'Knowledge
Based Hacking'


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20150526/b121fd11/attachment-0001.html>

More information about the OWASP-Leaders mailing list