PaulDotCom mailing list archives

Previous By Date Next
Previous By Thread Next

How do they know??

From: pj_mcgarvey at hotmail.com (PJ McGarvey)
Date: Wed, 14 Oct 2009 10:38:15 -0400

Judging by the efforts they made to ensure the break-in wasn't made public, it would be obvious to me that they would 
make that claim.  The article doesn't state that "no customer data was stolen" was a direct quote from Walmart.  As 
their assessment was probably made on early evidence, and that evidence indicated that the attackers were after company 
secrets, not customer data, it probably suited their ninja lawyers just fine.
 
Maybe the attackers went after the secrets b/c they couldn't get to the recently encrypted data... 
 
Or maybe they just wanted more data, however they had some serious cajones to try and reconnect 2 more times using 
other VPN accounts once they were stopped, whether they were in a foreign country or not... you'd think they would've 
just given up assuming they already had customer data ready to sell on the black market.
 
-PJ
 


Date: Wed, 14 Oct 2009 09:26:11 -0400
From: dgcombs at gmail.com
To: pauldotcom at mail.pauldotcom.com
Subject: Re: [Pauldotcom] How do they know??

Hopefully they log data access success and failures and send those logs to a centralized server. That's how I would 
make that claim. But I might say "all evidence indicates..." anyway.


--
Dan McGinn-Combs

Bert Van Kets wrote:

I was just reading the story on the Wal-Mart attack in Wired : 
http://www.wired.com/threatlevel/2009/10/walmart-hack/ 

In the story they claim "no sensitive customer data was stolen". How can 
they be so sure? 
The story tells that the attacker got Admin privs, so access to all user 
accounts and passwords. IMHO they can encrypt all they want. It's game over. 

How can they make a claim that no sensitive data was stolen? 

Bert 
_______________________________________________ 
Pauldotcom mailing list 
Pauldotcom at mail.pauldotcom.com 
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom 
Main Web Site: http://pauldotcom.com 
                                          
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20091014/9093e993/attachment.htm
Previous By Date Next
Previous By Thread Next

Current thread: