TJX breach was twice as big as admitted .. - Linux

This is a discussion on TJX breach was twice as big as admitted .. - Linux ; "The world's largest credit card heist may be bigger than we thought. Much bigger .. That's more than double what TJX fessed up to in March, when it estimated some 45.7 million card numbers were stolen during a 17-month span ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: TJX breach was twice as big as admitted ..

  1. TJX breach was twice as big as admitted ..

    "The world's largest credit card heist may be bigger than we thought.
    Much bigger .. That's more than double what TJX fessed up to in March,
    when it estimated some 45.7 million card numbers were stolen during a
    17-month span in which criminals had almost unfettered access to the
    company's back-end systems"

    http://www.theregister.co.uk/2007/10...stimate_grows/

    "The insecure wireless network at a Marshalls discount clothing store
    near St. Paul, Minn. may have allowed hi-tech attackers to gain a
    beachhead in retail giant TJX Companies' computer network"

    http://www.securityfocus.com/brief/496

    'hackers pointed a telescope-shaped antenna toward the store and used a
    laptop computer to decode data streaming through the air between
    hand-held price-checking devices, cash registers and the store's computers'

    http://online.wsj.com/article_email/...DIwNDQ0Wj.html

    --

    fuddie: No but yeah but yeah but yeah no but yeah no but yeah .. what
    about PHP ...

  2. Re: TJX breach was twice as big as admitted ..

    Doug Mentohl wrote:

    > "The world's largest credit card heist may be bigger than we thought.
    > Much bigger .. That's more than double what TJX fessed up to in March,
    > when it estimated some 45.7 million card numbers were stolen during a
    > 17-month span in which criminals had almost unfettered access to the
    > company's back-end systems"
    >
    > http://www.theregister.co.uk/2007/10...stimate_grows/
    >
    > "The insecure wireless network at a Marshalls discount clothing store
    > near St. Paul, Minn. may have allowed hi-tech attackers to gain a
    > beachhead in retail giant TJX Companies' computer network"
    >
    > http://www.securityfocus.com/brief/496
    >
    > 'hackers pointed a telescope-shaped antenna toward the store and used a
    > laptop computer to decode data streaming through the air between
    > hand-held price-checking devices, cash registers and the store's
    > computers'
    >
    >

    http://online.wsj.com/article_email/...DIwNDQ0Wj.html
    >


    You have to keep a close eye on third parties in your business.

    I go round telling people, when I'm asked, just how safe my networks are.
    How data integrety and security are the key parts of an IT person's tasks.
    All other things take a back seat. Maybe I speak with a touch of arrogance,
    because I know how safe my system is.

    So it was a little embarrassing when the IT man from a company down the road
    rang me and told me he was on my network, quite by accident, setting up a
    new PC it had picked up the first DHCP it found and that was mine.

    An outside company installing a factory system had attached several wifis
    and repeaters with zero security setup. These were experts in their field,
    the discussions before hand had included talk of security, but they simply
    hadn't done it.

    So I went round putting the security on, after I had had a little word with
    their MD (it is before the watershed so I can't tell you what I said). Only
    to find that once the security was on their kit wouldn't work. Which I
    suspect is why they didn't turn it on in the first place.

    I tell you this only because these are actually quite a big name in factory
    systems. It is a couple of years ago now so I wont say their name because
    they are in different hands now so it wouldn't be fair to the owners.

    But for the examples above, surely everyone knows these days that WEP is
    simply not safe, not even for home use. The owners of the businesses will
    have relied on the IT support companies and consultants to give them a
    secure system, how long before these IT support companies start to have to
    set asside court time for the companies sueing them. Well the buck must
    stop with them, there is no one else we can blame.

    How easy is it to crack wep? I could write a link in here now and after
    downloading the zip file, 180k file, open the exe on your Windows wifi
    laptop and select any network that pops up. Thats it, if the network you
    are looking at is fairly busy then the cracker will be in withing minutes.
    so within a few minutes of having the link you would have access to the
    traffic you want to sniff.

    I wont give the link, but it isn't difficult to find.

    So any of you out there still sitting on Wep, make it a priority to move to
    a secure system. Though it has to be said that the number of possible
    systems is reducing, WPA is still inherently more difficult to crack than
    WEP is, just don't sit on a single key and change the keys.


+ Reply to Thread