Hannaford - An Inside Job

Recent details on the Hannaford security breach point to an inside job. It appears most likely that Hannaford employees planned the attack and then infected over 300 of the grocery chain's servers.

Experts said the breach should serve as a big lesson for retailers: it's as important to limit the network access of employees and regularly monitor system activity as it is to purchase security technology to block attacks from the outside. Furthermore, it's foolish for a company to consider itself bulletproof because it achieved PCI DSS compliance, as Hannaford claims it did.

“The overarching conclusion I have that keeps getting reinforced is that the low-hanging fruit is inside the company and insiders are always getting more network privileges,” said Mark MacAuley, a York, Maine-based IT security consultant who shops at Hannaford’s regularly. “I don’t see how anyone at Hannaford could get that level of access unless they were a very well-known entity.”

The Hannaford data breach has exposed over 4 million credit card accounts, making it the second-largest breach ever reported.

Thieves Planted Malware on 300 Hannaford Servers

Since it first made headlines in the security press, the Hannaford data breach that exposed 4.2 million credit card accounts has continued to rank high in the news. The question on everyone's mind is how it could have happened. According to the latest article published by The Register on the topic, the thieves behind the breach installed sophisticated malicious software on over 300 servers belonging to the Hannaford grocery chain, in at least 6 states.

The malware intercepted credit card data as customers paid for purchases using plastic and then transmitted the information overseas. While Hannaford has disclosed the number of servers on which the malware was detected, it has yet to disclose how it got there. Security experts are quite puzzled by this incident, as they regard Hannaford as a lawful, standards-compliant company.

Security experts have been eager to figure out how thieves siphoned the data out of Hannaford Brothers Cos.' network because the company is believed to have been following payment card industry (PCI) rules. If the East Coast chain's systems were vulnerable, plenty of other retailers may be open to the same attack, the experts have warned.