Reference: http://breachblog.com/2008/12/16/zyacorp.aspx

    In one of those "I bet they didn't see this coming" moments a CineMagic movie theater in Merrimack, NH has fallen victim to digital thieves (or hackers, if you prefer).  What I see here is a rather obvious comparison case for tackling the "we're too insignificant to be hacked" argument.  If you have data or click-stream... you have something of value.

    I've said it before and I'll say it again - hackers aren't just targeting the huge repositories of information.  They're coming after anyone and everyone with exposures and unmitigated risks.  While there is direct indication that this was done with a web application hack... I wouldn't discount it as an avenue for easy attack.

     Think of how many times you've bought movie tickets online or anything else that you wouldn't think twice about... what if that entity was compromised?

    In what I can only call an unfunny twist of comedy, the article's writer comments -

"Anytime I read about credit card breaches, PCI compliance comes to mind.  If I were to guess, I would guess that there is a 50/50 chance that Zyacorp is compliant.  Not that compliance = secure."