<div dir="ltr">Yes Social Engineering could be the reason for the attack. or internal attack that have enough information from the inside<br></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, May 26, 2015 at 6:05 PM, johanna curiel curiel <span dir="ltr"><<a href="mailto:johanna.curiel@owasp.org" target="_blank">johanna.curiel@owasp.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">IRS has been hacked<div><a href="http://www.newsweek.com/data-breach-irs-exposes-return-information-estimated-100000-taxpayers-335886" target="_blank">http://www.newsweek.com/data-breach-irs-exposes-return-information-estimated-100000-taxpayers-335886</a><br></div><div> </div><div>But they mentioned that "The IRS data theft differs in that it did not involve a computer hack. Criminals used information they had gathered about individuals to access the system as it was designed to be used, the IRS said...</div><div>Koskinen said the attackers <i>must have had a significant amount of information already about the taxpayers</i>."<br></div><div><br></div><div><br></div><div>If the system is way to dependable on Knowledge Authentication, no wonder social engineering is the perfect for this case, let called this 'Knowledge Based Hacking'</div><div><br></div><div>Regards</div><span class="HOEnZb"><font color="#888888"><div><br></div><div>Johanna</div></font></span></div>
<br>_______________________________________________<br>
OWASP-Leaders mailing list<br>
<a href="mailto:OWASP-Leaders@lists.owasp.org">OWASP-Leaders@lists.owasp.org</a><br>
<a href="https://lists.owasp.org/mailman/listinfo/owasp-leaders" target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-leaders</a><br>
<br></blockquote></div><br><br clear="all"><br>-- <br><div class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div><div><div>Best Regrads<br>John Patrick Lita<br></div><u><b>Chapter Leader OWASP Manila</b></u><br>FB Page @<a href="https://www.facebook.com/OwaspManila" target="_blank">OwaspManila</a><br><a href="https://www.owasp.org/index.php/Manila" target="_blank">https://www.owasp.org/index.php/Manila</a><br><a href="https://lists.owasp.org/mailman/listinfo/owasp-manila" target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-manila</a><br><span><a href="https://lists.owasp.org/mailman/listinfo/owasp-manila" target="_blank"><span></span></a><span><span><img src="https://docs.google.com/uc?export=download&id=0BxKpu23oNYF9Vl9ISF9aRm9NVzg&revid=0BxKpu23oNYF9TmFEenI3VEJhL3QwZm5pS0NvZ01yZzF2WG93PQ" height="69" width="219"></span></span></span><br></div></div></div></div></div></div></div></div></div></div>
</div>