Interesting People mailing list archives
Advanced tactic targeted grocer / 'Malware' stole Hannaford data
From: David Farber <dave () farber net>
Date: Tue, 27 May 2008 16:46:38 -0400
Begin forwarded message: From: dewayne () warpspeed com (Dewayne Hendricks) Date: May 26, 2008 3:26:21 PM EDT To: Dewayne-Net Technology List <xyzzy () warpspeed com>Subject: [Dewayne-Net] Advanced tactic targeted grocer / 'Malware' stole Hannaford data
[Note: This item comes from reader Monty Solomon. DLH] From: Monty Solomon <monty () roscom com> Date: May 26, 2008 11:56:47 AM PDTSubject: Advanced tactic targeted grocer / 'Malware' stole Hannaford data
Advanced tactic targeted grocer 'Malware' stole Hannaford data By Ross Kerber, Globe Staff | March 28, 2008 The Boston Globe A massive data breach at Hannaford Brothers Cos. was caused by a "new and sophisticated" method in which software was secretly installed on servers at every one of its grocery stores, the company told Massachusetts regulators this week. The unauthorized intrusion the company disclosed on March 17 stemmed from software that intercepted card data from customers as they paid with plastic at store checkout counters, and sent the data overseas, Hannaford's top lawyer said in a letter sent to Attorney General Martha Coakley and Governor Deval Patrick's Office of Consumer Affairs and Business Regulation. The software was installed on computer servers at each of the roughly 300 stores operated by Hannaford and its partners. Hannaford did not say how the software might have been placed on so many servers, and company spokeswoman Carol Eleazer said the company continues to investigate how the software was installed and other specifics of the breach. The Secret Service, which pursues currency crimes, is conducting its own investigation. Data security specialists say the new details show how hackers have grown more adept at penetrating weak links in the systems that connect merchants and banks. In previous breaches, such as the record-setting intrusion at TJX Cos. of Framingham, where as many as 100 million card numbers were compromised, hackers took advantage of merchants who stored customer names and card data - sometimes in violation of payment industry standards - at central locations in their computer networks. In contrast, Hannaford says it did not store customer information. The hackers who struck Hannaford mined a stream of data that the merchant and banks were not responsible for protecting under industry rules, industry specialists said. ..<http://www.boston.com/news/local/articles/2008/03/28/advanced_tactic_targeted_grocer/ >
------------------------------------------- Archives: http://www.listbox.com/member/archive/247/=now RSS Feed: http://www.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com
Current thread:
- Advanced tactic targeted grocer / 'Malware' stole Hannaford data David Farber (May 27)