Hannaford - An Inside Job

Recent details on the Hannaford security breach point to an inside job. It appears Hannaford employees are most likely to have planned and then infected over 300 servers of the grocery chain.

Experts said the breach should serve as a big lesson for retailers: It’s as important to limit the network access of employees and regularly monitor system activity as it is to purchase security technology to block attacks from the outside. Furthermore, it’s foolish for a company to consider itself bulletproof because they achieved PCI DSS compliance, as Hannaford’s claims it did.

“The overarching conclusion I have that keeps getting reinforced is that the low-hanging fruit is inside the company and insiders are always getting more network privileges,” said Mark MacAuley, a York, Maine-based IT security consultant who shops at Hannaford’s regularly. “I don’t see how anyone at Hannaford could get that level of access unless they were a very well-known entity.”

The Hannaford data breach has exposed over 4 million credit card accounts, thus being the second largest breach ever reported.

Leave a Reply

Name (required)

Mail (will not be published) (required)

Website

Related Posts from the Past:

• Thieves Planted Malware on 300 Hannaford Servers
• Second Largest Security Breach Recently Exposed
• Credit Card Info of WiseBuy Customers Stolen
• Endpoint Protector 2008 Addresses Wireless USB Security Issues
• New PCI Standards Disregard Inside Threats