BreachExchange mailing list archives
Re: IN: Hacker gets state credit card info
From: "B.K. DeLong" <bkdelong () pobox com>
Date: Sat, 10 Feb 2007 07:21:56 -0500
Another PCI DSS violation. It will be interesting to see if any action is taken. I believe most states qualify as Tier 1 merchants.... On 2/10/07, lyger <lyger () attrition org> wrote:
http://www.fortwayne.com/mld/journalgazette/16667910.htm State technology officials sent letters Friday to 5,600 people and businesses informing them that a hacker obtained thousands of credit card numbers from the state Web site. Although numbers are usually encrypted or shortened to the last four digits, the Office of Technology conceded a technical error allowed the full credit card numbers to remain on the system and be viewed by the intruder. "Like thousands of web sites, the state's web site is constantly under attack from hackers," the letter said. "To repel these attacks, the state has implemented the highest levels of security and submitted itself to regular independent audits to ensure that data is safeguarded". [...] _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tracking more than 146 million compromised records in 566 incidents over 7 years.
-- B.K. DeLong (K3GRN) bkdelong () pobox com +1.617.797.8471 http://www.wkdelong.org Son. http://www.ianetsec.com Work. http://www.bostonredcross.org Volunteer. http://www.carolingia.eastkingdom.org Service. http://bkdelong.livejournal.com Play. PGP Fingerprint: 38D4 D4D4 5819 8667 DFD5 A62D AF61 15FF 297D 67FE FOAF: http://foaf.brain-stream.org _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tracking more than 146 million compromised records in 566 incidents over 7 years.
Current thread:
- IN: Hacker gets state credit card info lyger (Feb 10)
- Re: IN: Hacker gets state credit card info B.K. DeLong (Feb 10)
- Re: IN: Hacker gets state credit card info B.K. DeLong (Feb 10)
- <Possible follow-ups>
- Re: IN: Hacker gets state credit card info DAIL, ANDY (Feb 12)
- Re: IN: Hacker gets state credit card info B.K. DeLong (Feb 10)