On Friday, December 10, the Globe and Mail published an article naming 2010 "The Year of the Hacker". And, so far this week there have been two very high profile data breaches that underscore why this title was so justified.

On Monday, December 13, the Gawker network (which includes sites like Lifehacker) announced that their sites had been hacked and several hundred thousand user accounts (including user names, email addresses and passwords) were compromised. And that same day, McDonald's announced that their database had been compromised and thousands of customer records may be at risk.

The McDonald's attack is especially interesting (and not only because it lets me employ such witticisms as 'Filet of Phish') because McDonald's itself was not attacked. Rather, the attackers chose to go after the third party that McDonald's hired to send an email campaign out to its customers. This demonstrates that attackers will always go after the easiest target - they make their livings going after the low hanging fruit.

Data breaches like these bother me because I work for a company that has a solution to these kinds of attacks. Dynamic SSL is capable of tokenizing all of the information that was stolen - the email addresses, user names and passwords could all be tokenized using our technology. Had these companies used some sort of tokenization technology to protect their data, they would not be emailing customers warning them that their credentials could be attacked. Rather, they would be feeling a little secure, knowing that they gave the attackers gigabytes of fake (and thus useless) information.