According to today’s Wall Street Journal, “data compiled by NetWitness . . .  showed that hackers gained access to a wide array of data at 2,411 companies, from credit-card transactions to intellectual property.” 

Starting in late 2008, the hackers are said to have gotten into corporate networks using social engineering methods.  Employees were enticed to click on Web sites with malware or email ads purporting to clean up viruses.   NetWitness claims that in more than 100 cases, the hackers gained access to  servers holding large quantities of data such as databases and email.

As more firms deploy forensics experts such as NetWitness to audit their networks, we will see more and more Wall Street Journal articles demonstrating just how systemic these breaches are in corporate America.  Unfortunately, it is very difficult to “unlearn” clicking on images thrown your way on a computer screen.  It takes time and training.