Fidelity National Information Services (FIS), a large banking services company, was hacked in 2011 and information from that breach was used in a $13 million ATM theft. Initial reports said damage was limited to a small portion of its organization. Subsequent audit reveals a much larger breach plus apparently poor management of its incident response.
- More than $100 million spent in response to breach
- An FDIC audit showed that since the breach & response that many machines still have default, no, or poor passwords
- An FDIC vulnerability scan found over 10,000 instances of default passwords in use
- FDIC report in November 2012 shows 18,747 network vulnerabilities and 291 application vulnerabilities presented as past due