ST. CHARLES, Mo. (KSDK) - Experts believe cyber attacks, like the one on Schnucks that compromised thousands of customers debit and credit card numbers, are most likely carried out by computer hackers. According to the website PrivacyMatters.com, hackers have compromised the personal records of 43 million Americans in the last 12 months.
5 on Your Side's Mike Rush talked to a certified hacker to get the scoop on keeping your identity safe.
They call Ralph Echemendia "The Ethical Hacker."
"We still are the weakest link in this chain, like I said you can secure all the technology, you can secure all the processes, and at the end of the day," said Echemendia, "the average cost of a breach is, get this, $7.2 million."
Echemendia is a cyber security expert known throughout the world. He addressed participants at this week's Take Down Con conference at the Ameristar Casino in St. Charles. Echemendia, who knows how hackers find holes in computer systems and networks, helps companies close those holes before their business is at risk.
"Instead of defense, a lot of this focuses on the actually hacking," said Echemendia. "The same techniques, the same tools, the same ways, the same thinking of an attacker would do."
Echemendia has weighed in on cyber security breaches, like the one surrounding hacking of video and images from the Twilight movie Breaking Dawn. He's trained security experts for companies, like Google, Boeing, and even the U.S. Marine Corps.
5 on Your Side wanted to get his take on the recent attack on Schnucks' debit and credit card system. The big question? Could it have been prevented?
"It probably could have been prevented, the issue is that with security and budgets for a lot of these companies, they really don't have enough people really and manpower to deal with all the systems involved," said Echemendia.
He says in the old days hackers used to hack for the thrill of it. These days, it's big business.
"Yeah, curiosity used to be the kind of main motive, if you will, for hackers back in the day, but through the years it's really, really moved into a financial type of world, there's a really big underground movement, if you will, that is just all related to organized crime," said Echemendia.
He suggested two important things consumers can do to keep their debit and credit card information safe.
"One of the things you can do is use one of these credit monitoring type services, which honestly, is well worth the money, because of the amount of threat involved these days in the whole cyber world," he said.
Second, self-monitor your accounts.
"Log in often and check and make sure you're not seeing anything you don't know about," said Echemendia.
This professional hacker at heart says it's about being prepared.
"Often times that the problem, we wait for an incident to take place, and then based on that incident we try to look for a solution, when we really should be looking for a solution before the incident takes place, we have to assume that it will happen," says Echemendia.
Cyber security experts say it take only 10 minutes to crack a lowercase password that's six characters long. By adding two extra letters and a few uppercase letters and that number jumps to three years. Add just one more character, some numbers or symbols and it could take decades to crack.
Newschannel Five contacted Schnucks for a response. A spokesperson says it is harmful to speculate on what may have happened and has on other comment.