BreachExchange mailing list archives
Re: Report on TJX breach expected today
From: "Avery Sawaba" <avery.sawaba () gmail com>
Date: Tue, 25 Sep 2007 11:17:07 -0400
I was on the teleconference call, but hit *1 too late to ask my question. Reading the report that Chris sent the link to, one of the big questions that stood out was that, although they explain that wireless networks were upgraded to WPA in September 2005 to fix the WEP security issue, they don't explain how the intruders continued to access their networks even after the "locks were changed". Most of the comments were Canadian specific, but a lot of American journalists were on the line asking questions. The only thing I heard that was truly new news to me was that the breach originated at two Marshalls stores in Miami. I still have to wonder whether or not all the intrusions were through the same stores via the same methods though, and I can't help but doubt it. --Sawaba On 9/25/07, lyger <lyger () attrition org> wrote:
http://www.boston.com/business/globe/articles/2007/09/25/report_on_tjx_breach_expected_today/ Two Canadian privacy agencies are expected to release today the results of a joint investigation into the security breach at TJX Cos. in which hackers stole more than 45.7 million credit and debit card numbers. The Privacy Commissioner of Canada and the Information and Privacy Commissioner of Alberta are expected to summarize their findings into how intruders breached the computer system using wireless technology outside of a Marshalls store in the United States, according to privacy officials briefed on the report. The Canadian groups report also includes recommendations for TJX to better protect its systems. The report is expected in Montreal on the opening day of the 29th International Conference of Data Protection and Privacy Commissioners. [...] _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tenable Network Security offers data leakage and compliance monitoring solutions for large and small networks. Scan your network and monitor your traffic to find the data needing protection before it leaks out! http://www.tenablesecurity.com/products/compliance.shtml
_______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tenable Network Security offers data leakage and compliance monitoring solutions for large and small networks. Scan your network and monitor your traffic to find the data needing protection before it leaks out! http://www.tenablesecurity.com/products/compliance.shtml
Current thread:
- Report on TJX breach expected today lyger (Sep 25)
- Re: Report on TJX breach expected today Chris Walsh (Sep 25)
- Re: Report on TJX breach expected today Avery Sawaba (Sep 25)