Data theft record: 130 million card accounts stolen by Albert Gonzales

August 24th, 2009 by Agent Smith. Categories: DLP, Data Theft & Loss, In The Spotlight, Security Breach

Security magazines and news sites have been buzzing about the case of Albert Gonzales. This man holds a record no one is really proud of: he has been charged with stealing the largest number of credit and debit card accounts, about 130 million of them.

The story of Gonzales is rather complicated. After being indicted in May in the TJX breach (the one thought to be the largest in history until recently), Gonzales is said to have worked with the authorities to help them find all those involved in the breaches he had taken part in. While his defense lawyer was looking forward to a settlement, new charges have surfaced. The federal authorities have charged him with attacks that breached credit card processor Heartland Payment Systems, retailers 7-Eleven and Hannaford Brothers, and a couple of other companies.

Gonzales seems to be behind all the largest data heists of the past few years:

  • 130 million credit and debit card accounts taken from Heartland Payment Systems’ servers
  • at least 94 million credit and debit card accounts stolen from TJX
  • 4.2 million accounts were stolen from Hannaford’s servers

According to DarkReading, all the attacks Gonzales was involved in used familiar, easy-to-prevent methods to obtain the information the attackers wanted:

While the attacks appear to be phased-in and coordinated, the attackers didn’t employ any hacks that the victim organizations could not have defended against, experts say. SQL injection, for instance, is the most commonly exploited flaw in Web attacks, according to data from the Web Hacking Incident Database.

Fortunately, Gonzales is being held responsible for the breaches. Let’s just hope no one decides to set a new record! Apparently, it’s easy to achieve.

Hannaford – An Inside Job

Recent details on the Hannaford security breach point to an inside job. It appears that Hannaford employees most likely planned the attack and then infected over 300 of the grocery chain’s servers.

Experts said the breach should serve as a big lesson for retailers: It’s as important to limit the network access of employees and regularly monitor system activity as it is to purchase security technology to block attacks from the outside. Furthermore, it’s foolish for a company to consider itself bulletproof because it achieved PCI DSS compliance, as Hannaford claims it did.

“The overarching conclusion I have that keeps getting reinforced is that the low-hanging fruit is inside the company and insiders are always getting more network privileges,” said Mark MacAuley, a York, Maine-based IT security consultant who shops at Hannaford’s regularly. “I don’t see how anyone at Hannaford could get that level of access unless they were a very well-known entity.”

The Hannaford data breach has exposed over 4 million credit card accounts, making it the second-largest breach ever reported.

Thieves Planted Malware on 300 Hannaford Servers

Since it made security magazines’ headlines, the Hannaford data breach that exposed 4.2 million credit card accounts still ranks high in the news. The question on everyone’s mind is how it could all happen. According to the latest article published by The Register on the topic, the thieves behind the breach installed sophisticated malicious software on over 300 servers belonging to the Hannaford grocery chain, in at least 6 states.

The malware intercepted credit card data as customers paid for purchases using plastic and then transmitted the information overseas. While Hannaford has disclosed the number of servers on which the malware was detected, it has yet to disclose how it got there. Security experts are quite puzzled by this incident, as they regard Hannaford as a law-abiding, standards-compliant company.

Security experts have been eager to figure out how thieves siphoned the data out of Hannaford Brothers Co.’s network because the company is believed to have been following payment card industry (PCI) rules. If the east coast chain’s systems were vulnerable, plenty of other retailers may be open to the same attack, the experts have warned.