Wednesday, August 19, 2015

Emergency Patch for Critical IE Bug [Which is Under Active Exploit] is Issued by Microsoft

It is MS15-093: Security update for Internet Explorer: August 18, 2015

This security update resolves a vulnerability in Internet Explorer that could allow remote code execution if a user views a specially crafted webpage by using Internet Explorer. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less affected than those who operate with administrative user rights.

This patch applies to:

  • Internet Explorer 11
  • Internet Explorer 10
  • Windows Internet Explorer 9
  • Windows Internet Explorer 8
  • Windows Internet Explorer 7
  • Microsoft Internet Explorer 6.0

This security update is rated Critical for Internet Explorer 7 (IE 7), Internet Explorer 8 (IE 8), Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10), and Internet Explorer 11 (IE 11) on affected Windows clients, and Moderate for Internet Explorer 7 (IE 7), Internet Explorer 8 (IE 8), Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10), and Internet Explorer 11 (IE 11) on affected Windows servers.

Monday, July 20, 2015

CVS Admits That it May Have Been Hacked

As of Friday, July 17th, CVS shut down its online photo service, as well as the mobile device service that is linked to the photo service, as a precaution. Credit card information may have been stolen.

Payment information from the site is collected by PNI Digital Media of Canada (a third-party vendor).

CVS stated that the photo-related information is kept separate from both the main CVS.com site and the payment and computer systems used by the company’s pharmacies. That means, according to the company, that payments through those locations, in addition to in-store kiosks, are not affected.

Tuesday, March 10, 2015

Zoup, a Missouri-based Restaurant Chain and NEXTEP Client, Breached?

NEXTEP acknowledged it was investigating a possible breach after numerous card issuers traced fraudulent card activity back to Zoup, a Missouri-based restaurant chain that's one of NEXTEP's clients.

"Zoup's third-party, point-of-sale (cash register) system recently experienced a payment card security incident that affected most of our U.S. locations," Ersher says. "We have been informed that card numbers entered manually or online were not affected. The good news is we found the cause of the issue and eliminated it on March 5."

Tommy Woycik, president of Troy, Mich.-based NEXTEP, tells Information Security Media Group: "NEXTEP was recently notified by law enforcement that the security of the systems at some of our customer locations may have been compromised. NEXTEP immediately launched an investigation in cooperation with law enforcement and data security experts we retained to determine the root cause and remediate the issue."

Monday, March 9, 2015

Mandarin Oriental and Natural Grocers Confirm Card Theft

On March 4, both companies posted notices on their websites about confirmed network intrusions.

Monday, March 2, 2015

PCI-DSS SSL v3 and TLS v1.0 EOL Notification

The PCI Security Standards Council has announced that SSL v3 and TLS v1.0 will no longer be acceptable encryption protocols due to the "POODLE" vulnerability and support for these protocols will end this year. The PCI council is mandating the use of TLS version 1.1 or higher.

The recommendation is to change to using TLS v1.2 with the capability to step down to TLS v1.1 (if needed).

Friday, February 13, 2015

Administrators are Being Urged to Immediately Patch Windows - Bug CVE-2015-0057

The flaw, which was revealed by Microsoft Feb. 10 as part of its monthly "Patch Tuesday" update release, affects every Windows operating system from Windows 2000 and Windows XP through Windows 10 Technical Preview, which was released in January.

The vulnerability could be used by an attacker to gain root-level access to a system.

Wednesday, December 31, 2014

Chick-fil-A Investigating Possible Breach

In a Dec. 30 statement, the chain says it has recently received reports of potential unusual activity involving payment cards used at a few of its restaurants.

Many issuers suspected the merchant to be Chick-fil-A or its payments processor, Charge Anywhere, which in early December confirmed a breach of its network linked to malware.

One executive with a banking institution based in the Southeast, who also asked not to be named, says considerable fraud linked to Chick-fil-A first surfaced over the summer. But this executive says the fraud at Chick-fil-A is likely linked to a breach of the chain's processor, Charge Anywhere, not a POS attack targeted solely at the fast-food chain.

Thursday, December 11, 2014

Charge Anywhere Confirms Card Breach

Payment solutions provider Charge Anywhere is warning merchants and cardholders of a data breach that may have exposed information related to payment card transactions dating back as far as Nov. 5, 2009.

Thursday, November 20, 2014

Publication Date: 2014-11-20 – Visa – Visa Business News

Along with other items that might be of interest, this publication contains:
  • Updates to Contact Chip and Visa payWave Requirements: To ensure the continued security of Visa’s contact chip and Visa payWave products, Visa has made a number of changes, which include discontinuing some features and requiring clients to support other features that were formerly optional.

Tuesday, November 18, 2014

Staples Confirms POS Malware Attack

Staples is now confirming that there was a malware-related breach, although it's offering scant additional information.

Update (2014-12-22):

Staples says nearly 1.2 million payment cards were compromised...

Thursday, November 13, 2014

Publication Date: 2013-11-13 – MasterCard – Publications on MasterCard Connect

In addition to other items that might be of interest, there is this:

  • List of Approved MasterCard Contactless Readers v3.0

Wednesday, October 22, 2014

New Windows Zero-Day Attack

Microsoft is warning Windows users that they're vulnerable to a new zero-day flaw that attackers have been exploiting to remotely execute arbitrary code.

"At this time, we are aware of limited, targeted attacks that attempt to exploit the vulnerability through Microsoft PowerPoint," Microsoft says in a security advisory issued late on Oct. 21. It says the flaw in Microsoft OLE is present in all versions of Windows except for Windows Server 2003.

Staples Launches Investigation of Possible Breach

Staples has confirmed that it's investigating a potential data breach after a report warned that elevated levels of payment card fraud had recently been tied to card numbers used by consumers who shopped at the office supply retailer.

SourceBooks Confirms Shopping Cart Breach

Publisher SourceBooks is warning its customers about a breach that resulted in unauthorized access to credit card information. A third-party forensic audit is under way to determine the extent of the breach.

Friday, October 17, 2014

Publication Date: 2014-10-16 – Visa – Visa Business News

Among other items, a "Digital Wallet Best Practices Guide Updated for Merchants".

Friday, October 10, 2014

Dairy Queen Breach Update

Dairy Queen has confirmed that Backoff point-of-sale malware was used in a payment card breach that affected 395 of its 4,500 franchised U.S. locations.

Retailer Kmart Has Confirmed a Breach

Retailer Kmart has confirmed a breach that started in early September involving a "new form" of malware that infected the company's payment card systems.

The breach was detected by Kmart's IT team on Oct. 9, which immediately led to a full investigation with the help of a leading IT security firm, the company says in an Oct. 10 statement. Kmart is owned by Sears Holdings Corp., headquartered in Hoffman Estates, Ill.

Customers who shopped with a credit or debit card in Kmart stores during the month of September through Oct. 9 will be offered free credit monitoring protection, the company says.

Wednesday, October 1, 2014

Supervalu Finds Second Data Breach

Supermarket chain Supervalu has announced a second data breach in recent weeks - one that may have impacted payment cards at checkout lanes at four stores. AB Acquisition, which runs five supermarket brands previously owned by Supervalu, also confirms an intrusion, saying malware may have impacted payment card information at various stores in 21 states.

Supervalu says that it recently discovered a separate incident where, in late August or early September, an intruder installed different malware into the portion of its computer network that processes payment card transactions at some of its Shop 'n Save, Shoppers Food & Pharmacy and Cub Foods owned and franchised stores, including some of its associated stand-alone liquor stores.

Saturday, September 27, 2014

Signature Systems Says Jimmy John's Just One of the Victims

The point-of-sale vendor behind the recently confirmed Jimmy John's data breach has stepped forward, saying that along with the 216 impacted Jimmy John's locations, an additional 108 different restaurants were compromised.

Signature Systems, Inc., which provides point-of-sale systems for restaurants, says an unauthorized person gained access to a username and password that the vendor used to remotely access POS systems.

"The unauthorized person used that access to install malware designed to capture payment card data from cards that were swiped through terminals in certain restaurants," Signature Systems says in a statement. Those stores impacted include local pizza restaurants, bakeries and bagel shops, among others, located in 18 states.

The earliest date that cards may have been captured is June 16, Signature Systems says. After learning of the potential breach on July 30, by Aug. 5, the vendor had removed the malware from most of the affected locations. "For a small percentage, we were not able to completely remove the malware from all devices in the system until mid-September," Signature Systems says.

Friday, September 26, 2014

Bash (AKA ShellShock) Bug

Attackers are already targeting the Bash vulnerability, less than 24 hours after information about the flaw became public. To date, an unknown number of devices may contain the flaw, including millions of stand-alone Web servers, Unix and Mac OS X systems, and numerous other Internet-connected devices.

Thursday, September 25, 2014

Jimmy John's Confirms Data Breach, Affected 216 Restaurants

Potentially exposed information includes card numbers and, in some cases, the cardholder's name, verification code and/or the card's expiration date. Information entered online, such as customer address, e-mail and password, remains secure, the company says. The Champaign, Ill.-based restaurant chain, which has more than 2,000 locations, did not reveal how many cards were potentially impacted.

Although its investigation is ongoing, the company says it appears that customers' payment card data was compromised after an intruder stole log-in credentials from its "point-of-sale vendor" and used the credentials to remotely access the point-of-sale systems at some corporate and franchised locations between June 16 and Sept. 5 and install malware.

Thursday, September 4, 2014

Publication Date: 2014-09-04 – Visa – Visa Business News

Among other items, a reminder to use and distribute current BIN tables and not custom, internally maintained tables.

Goodwill Breach, 868,000 Cards Compromised

Goodwill Industries International says in an update about a breach affecting about 330 of its stores that approximately 868,000 payment cards were exposed. The breach stemmed from malware used to compromise a third-party vendor used "to process credit card payments" (see: Goodwill Confirms Card Data Breach).

The investigation found no evidence of malware on any internal Goodwill systems...

Wednesday, September 3, 2014

Home Depot Breached?

“Multiple banks say they are seeing evidence that Home Depot stores may be the source of a massive new batch of stolen credit and debit cards that went on sale (Thursday) morning (Sept. 2) in the cybercrime underground. Home Depot says that it is working with banks and law enforcement agencies to investigate reports of suspicious activity.”

It apparently started in late April.

Home Depot issued a statement that did not confirm a breach, but “confirm (that) we are looking into some unusual activity and we are working with our banking partners and law enforcement to investigate.”

Updated today...

Although the initial reports about the Home Depot data breach indicated the attack was extensive, the latest details suggest the breach was chain-wide, hitting virtually every single store in the chain.

Tuesday, September 2, 2014

PCI-DSS Releases Urgent Bulletin on POS Malware Incidents

On August 27th, the PCI Security Standards Council released a bulletin on the malware related to recent POS breach incidents.

Thursday, August 28, 2014

Dairy Queen Breach?

Dairy Queen’s 4,500 franchised stores appear to be the source of the latest payment-card breach, according to Krebs on Security. The Minneapolis-based fast-food chain said it hasn't heard any breach reports — but it also doesn't ask franchisees to report breaches to headquarters.

However, several financial institutions now say they’re dealing with a pattern of fraud on cards that were all recently used at Dairy Queen locations in several states, including Florida, Alabama, Indiana, Illinois, Kentucky, Ohio, Tennessee and Texas. Rumors of a DQ breach have been circulating for more than two weeks, and the breaches may date from as long ago as June 2014.

Thursday, August 21, 2014

UPS Reveals Data Breach Affecting Over 50 Stores

UPS is warning that subsidiary UPS Stores suffered a point-of-sale malware attack that compromised numerous card transactions over a seven-month period. All told, 51 of its U.S. franchised center locations across 24 states were infected, which may have resulted in attackers compromising customers' personal information and payment card details, including some Social Security and driver's license numbers, thus placing them at risk of identity theft and fraud.

UPS says the breach began earlier this year - on January 20 for some locations, and by March 26 for the rest - and lasted until August 11, when the company says the breach was eradicated.

Monday, August 18, 2014

Supervalu Supermarket Data Breach Affects AB Acquisition

In the wake of the Supervalu supermarket data breach, AB Acquisition, which runs five supermarket brands previously owned by Supervalu, says 836 of its stores were impacted by the compromise.

A spokesperson for AB Acquisition confirmed to Information Security Media Group that the compromise affected customers of 836 Albertsons, ACME Markets, Jewel-Osco, Shaw's and Star Markets stores in 21 states. Supervalu is AB Acquisition's third-party IT services provider.

Supervalu Supermarket Chain Reveals New Breach

The Supervalu supermarket chain is investigating a network intrusion that may have resulted in criminals compromising customer data from point-of-sale systems in more than 1,000 stores.

The data breach may also have affected customers of 836 Albertsons, ACME Markets, Jewel-Osco, Shaw's and Star Markets stores in 21 states.

The breach potentially compromised payment card numbers, cardholders' names, card expiration dates and "other numerical information."

Tuesday, July 1, 2014

POS Vendor Information Systems & Supplies Inc. Warns of Restaurant Breach

On June 12 IS&S notified restaurant customers of a remote-access compromise that may have exposed card data linked to POS transactions conducted between Feb. 28 and April 18 of this year.

IS&S customers include restaurant chains Dairy Queen, Buffalo Wild Wings and TacoTime.

New Florida Breach Law

A Florida law that takes effect July 1 toughens the state's data breach notification statute by, in part, broadening the term "personal information" to include individuals' usernames and e-mail addresses under certain circumstances.

The new law, seen as one of the nation's most rigorous data breach notification statutes, also shortens the time a breached company or government agency has to notify the state attorney general to 30 days, down from 45 days, if the intrusion affects 500 or more Florida residents.

...

Organizations that fail to notify the Florida attorney general can be fined $1,000 per day for the first 30 days of non-compliance with breach notification requirements, and then $50,000 for each subsequent 30-day period for up to six months, with a cap of $500,000, according to the law firm McDonald Hopkins.

Thursday, June 26, 2014

PayPal Discovered and Patched a Flaw in its Two-Factor Authentication (2FA) System

PayPal has discovered a flaw in its two-factor authentication (2FA) system that would allow a motivated hacker to bypass the system merely by switching the device’s internet connectivity on and off.

PayPal explained the system flaw on its blog yesterday, as well as the measures it is taking to correct it.

Making use of this flaw, however, would require a cybercriminal to already have one’s username and password.

Wednesday, June 11, 2014

P.F. Chang's Investigating Possible Card Breach

Restaurant chain P.F. Chang's China Bistro has confirmed that it's looking into a payments breach that may have exposed credit and debit cards used at its restaurants.

A handful of U.S. card issuers tell ISMG that a breach from March 20 to May 30 was believed to have exposed cards used at P.F. Chang's. But ISMG was unable to confirm any alerts issued by the card brands.

Tuesday, June 10, 2014

Publication Date: 2014-06-05 – Visa – Visa Business News

Includes a bulletin discussing the Visa "Enhanced PCI DSS Enforcement Plan". If you have any level 1 or level 2 merchants and/or service providers that are still non-compliant, this is a must read.

Includes a reminder / notice for acquirers registered in the Dynamic Currency Conversion (DCC) Compliance Program that they must register their DCC-enabled merchants by 10 July 2014 for the period ending 30 June 2014.

Friday, June 6, 2014

“SSL/TLS MITM” - OpenSSL Threat

The new bug is the most serious of several security flaws referenced in the advisory, and apparently has been putting computers at risk for almost 15 years.

In other words: it allows someone snooping on your connection to neutralize your web encryption.

According to Google software engineer Adam Langley, this bug has likely been in existence for a decade and a half.

Masashi Kikuchi discovered the bug and created the patch, which is part of an official OpenSSL fix also announced yesterday. Major browsers on desktops are not affected as they do not use OpenSSL; however, Chrome on Android does and may be affected.

Thursday, May 22, 2014

eBay Breach: 145 Million Users Notified

eBay is urging its 145 million customers to change their passwords following a cyber-attack that compromised encrypted passwords and other personal information.

Monday, April 21, 2014

Michaels (and Aaron Brothers stores) Confirms Data Breach

Arts and crafts retailer Michaels has now confirmed its stores were hit by a data breach that potentially compromised account information for 3 million payment cards.

The breach, which involved "criminals using highly sophisticated malware," potentially affected about 2.6 million cards used at Michaels stores from May 8, 2013, through Jan. 27, 2014. The malware attack also affected Michaels' Aaron Brothers stores, where approximately 400,000 cards were potentially affected from June 26, 2013, through Feb. 27, 2014, the company said in an April 17 statement.

Thursday, April 10, 2014

The Heartbleed Bug - OpenSSL Threat

Moulds of Thales e-Security says attacks such as Heartbleed have caused many to question the value of encryption, "but in reality we are witnessing the exploitation of poor implementations and weak key management rather than discovering fundamental flaws," he says.

Wednesday, April 2, 2014

Publication Date: 2014-04-01 – MasterCard – Publications on MasterCard Connect

  • Requirement to Maintain Accurate BIN Tables
  • Data Integrity Edits—New Issuer Edits and Compliance Criteria for MasterCard MoneySend
  • Freeze Dates to Support Dual and Single Message System 2015 Release Implementations

As well as other items of potential interest...

Tuesday, March 25, 2014

Windows XP End-of-Life

Running XP on POS systems will violate PCI DSS 6.2, which requires retailers to install the latest security patches. We estimate that at least 30 percent of POS systems out there are running XP - and the sad fact is many merchants don't even realize it for any number of reasons, mostly due to simple unawareness.

Tuesday, March 11, 2014

Sally Beauty: Acknowledges POS Network Was Hit But Claims No Data Lost

Despite certain evidence that suggests a possible breach at Sally Beauty Supply, the retailer maintains that a recent cyber-attack against its point-of-sale network did not expose card data.

Friday, February 21, 2014

Online Health and Beauty Products Store Well.ca Indirectly Suffers Breach

Canadian online health and beauty products store Well.ca is notifying a "few thousand" people that their credit card data was compromised following a breach of one of its third-party service provider's servers.

Exposed information includes name, billing address, credit card number, card expiration date and security code, the company says.

The breach occurred between Dec. 22, 2013 and Jan. 7, 2014, Well.ca says in an online notice.

Friday, January 24, 2014

Sports Equipment Company Easton-Bell Sports Compromised

Compromised information may include credit card numbers along with the security codes, plus customers' names, addresses, telephone numbers, and e-mail addresses, the company says.

The breach at Easton-Bell is not believed to be linked to the recent wave of point-of-sale malware attacks that compromised Target Corp. and Neiman Marcus, and others that have yet to be named.

Tuesday, January 21, 2014

Insider steals and sells credit card data of 20m South Koreans

The engineer allegedly used his position at the Korea Credit Bureau to access databases belonging to KB Kookmin Card, Lotte Card, and NH Nonghyup Card between May 2012 and December 2013.

The crook copied the card numbers and expiry dates of NongHyup and Lotte customers, but not Kookmin, onto a USB stick. E-mail and residential addresses and phone numbers were also taken.

Monday, January 13, 2014

Neiman Marcus doesn't yet know the extent of the breach

Luxury merchant Neiman Marcus confirmed Saturday that thieves stole some of its customers' payment card information and made unauthorized charges over the holiday season, becoming the second retailer in recent weeks to announce it had fallen victim to a cyber-security attack.

Friday, January 10, 2014

Publication Date: 2014-01-09 – Visa – Visa Business News

As previously announced, on January 1st Visa adopted the new "PCI Card Production Logical Security Requirements" and the "PCI Card Protection Physical Security Requirement" as published by the PCI council.

In addition, U.S. state-run lotteries are temporarily allowed to use MCC 9399.

See publication for additional details.

Thursday, December 19, 2013

Target Credit-Card Breach Involved 40 Million Cards

Target Corp. was hit by an extensive theft of its customers' credit-card and debit-card data over the busy Black Friday weekend, a brazen breach of the major retailer's information security.

The theft was national in scope and happened in stores, not online, and may have involved tampering with the machines customers use to swipe their cards when making purchases, people familiar with the matter said.

Friday, December 6, 2013

JPMorgan Chase and Co. revealed breach: 465,000 Accounts Exposed

JPMorgan Chase and Co. revealed this week that between July and September, hackers accessed servers for its UCard Center website, which supports prepaid cards used for payroll and government benefits. The bank says the breach may have exposed information, including card numbers, for 465,000 of its prepaid card customers.

Wednesday, November 20, 2013

Six arrested in $45 million global cybercrime scheme

The five men and one woman, all residents of the New York City suburb of Yonkers, were accused of being members of a global cybercrime organization that stole Mastercard Inc debit-card information, according to an announcement from Loretta Lynch, the U.S. attorney for the Eastern District of New York.

Thursday, November 14, 2013

Marketing firm Loyaltybuild breached

Breach exposed payment card data on more than 376,000 consumers plus other personally identifiable information about more than 1 million customers.

Thursday, October 24, 2013

Publication Date: 2013-10-23 – MasterCard – Publications on MasterCard Connect

Global 555—Payment Account Status Inquiry Transactions

MasterCard is leveraging its existing Account Status Inquiry (ASI) service to support Payment Transactions. A Payment ASI will enable payers to have some indication of whether an issuer of the payee (recipient) could post a specified amount to the recipient’s card account before collecting funds from the sender or to confirm a recipient’s card account for future use.

As well as other items of potential interest...

Monday, October 21, 2013

Publication Date: 2013-10-18 – MasterCard – Publications on MasterCard Connect

Contains information on the following items:

  • IPM Pre-edit and Utilities, both Mainframe and Workstation Plus updates

As well as other items that may be worth reviewing...

Thursday, October 17, 2013

Publication Date: 2013-10-17 – Visa – Visa Business News

Includes reminders related to proper use of merchant business names (name requirements) and MCC codes.

Visa is also updating/changing their PIN Security Program.

Contains the official 2014 holiday schedule.

Monday, October 14, 2013

Is ATM Malware The Next Big Threat?

A group of ATMs in Mexico was recently targeted by a new malware strain known as Ploutus as part of an attack that allowed hackers to remotely manipulate the cash denominations the ATMs dispensed.

Wednesday, October 9, 2013

Blackhole Exploit Kit Author Reportedly in Custody

Russian authorities have reportedly arrested a man believed to be the author of the Blackhole exploit kit, which is widely used by cybercriminals to exploit vulnerabilities in Web browsers and other popular software to infect user computers with malware.

Friday, October 4, 2013

Adobe Networks Breached

Adobe networks were compromised, resulting in the exposure of up to 2.9 million customers' personal information, including Adobe IDs and encrypted payment card numbers. Source code for numerous Adobe products also was illegally accessed.

Monday, September 30, 2013

PCI 3.0 Updates Focus on Retail Breaches

A big focus of the updates in the standards - the first to be issued since 2010 - revolves around merchant and point-of-sale security, says Leach, chief technology officer of the PCI Council.

Thursday, September 26, 2013

Publication Date: 2013-09-26 – Visa – Visa Business News

New Payment Card Industry Card Production Security Requirements

Effective 1 January 2014, Visa will adopt new standards published by the Payment Card Industry Security Standards Council. This includes both the PCI Card Production Logical Security Requirements and PCI Card Production Physical Security Requirements.

Thursday, August 22, 2013

SecurityMetrics releases MobileScan

We are excited to announce the release of our new mobile scanning app MobileScan, which is available both on Android and iOS.

Android
iOS (iPhone and iPad)

Wednesday, August 7, 2013

Harbor Freight Tools hit by cyber-attack

A cyber-attack that hit Harbor Freight Tools and likely exposed card data processed at all 400 of its retail tool stores could rank among the biggest retail breaches this year, one card issuer says.

The Harbor Freight breach affected transactions conducted between June 14 and July 20, according to advisories from Visa and MasterCard shared with Information Security Media Group. Issuers say they believe the breach may have occurred sooner.

Monday, July 29, 2013

Additional information on Global Payments Inc. breach

"According to details included in the indictment, Global, between January 2011 and March 2012, was attacked by a SQL injection used to install malware on the processor's computer network and payments processing system. More than 950,000 card numbers were stolen, the indictment notes."

Thursday, July 25, 2013

Publication Date: 2013-7-25 – Visa – Visa Business News

To help endpoints assess transaction risk and potential fraud, Visa will introduce an mPOS indicator that can be used to identify and monitor transactions that originate from an mPOS device.

See bulletin for specifics related to this change.

Fraud Indictments over theft of more than 160 million cards

Federal authorities have indicted five Russians and Ukrainians linked to Heartland hacker Albert Gonzalez for the roles they allegedly played in a credit and debit card fraud scheme that compromised more than 160 million cards stolen from payments processors Global Payments and Heartland Payment Systems, grocery chain Hannaford Brothers and others.

Tuesday, July 16, 2013

Retail Breach Hits Hawaii Restaurants

The Honolulu-based upscale restaurant chain Roy's says malware that infected a corporate PC likely infiltrated its network and may have exposed card data.

"Here the authorities are being clear that the malware got into the system via an employee desktop," Litan says. "I haven't seen that much clarity around attack vectors in other similar breaches in the past, and that's a good thing. It means that the investigators are getting more precise in identifying the footprint of the attack."

Monday, June 17, 2013

Publication Date: 2013-06-14 – MasterCard – Global Security Bulletin No. 6 – Removing Support for Static Data Authentication on EMV Cards

This bulletin addresses "Removing Support for Static Data Authentication on EMV Cards".

Summary: Issuers will no longer be permitted to support static data authentication (SDA) on EMV cards issued or reissued after 16 October 2015. See specific bulletin for details.

Publication Date: 2013-06-14 – MasterCard – Global Security Bulletin No. 6 – Revised Standards for Digital Wallet Operators

This bulletin addresses "Revised Standards for Digital Wallet Operators".

Summary: MasterCard is revising the Standards to include a definition for and requirements specific to two digital wallet models (the Staged Digital Wallet and the Pass-through Digital Wallet). This article also introduces the process to register a Staged Digital Wallet Operator as a Service Provider.

Thursday, June 13, 2013

New PIN entry PCI requirements released

Manufacturers of PIN entry devices have received updated Payment Card Industry security requirements from the PCI Security Standards Council. The newest version is version 4.0.

Wednesday, June 5, 2013

Global $200 million credit card hacking ring busted

Eleven people in the United States, the UK and Vietnam have been arrested and accused of running a $200 million worldwide credit card fraud ring, U.S. and UK law enforcement officials said on Wednesday.

According to the complaint, Truong hacked into websites that sold goods and services over the Internet and collected personal credit card information from the sites' customers. "The victims' credit cards incurred, cumulatively, more than $200 million in fraudulent charges," the complaint said. The scheme began in 2007.

Monday, May 20, 2013

Publication Date: 2013-5-17 – Discover – Data Security Alert

Data Security Alert related to:

  • POS Integrator Security Considerations
  • Supermarkets Point-of-Sale Breaches

Friday, May 17, 2013

Patients' Credit Card Info Accessed

Presbyterian Anesthesia Associates in Charlotte, N.C., reports that a data breach may have compromised the credit card information of 10,000 patients.

Friday, May 10, 2013

In Hours, Thieves Took $45 Million in A.T.M. Scheme

In New York City alone, the thieves responsible for A.T.M. withdrawals struck 2,904 machines over 10 hours starting on Feb. 19, withdrawing $2.4 million.

Thursday, May 9, 2013

FBI Investigates Another Retail Breach as Malware Strikes MAPCO Convenience Stores

The FBI is investigating a payment card breach affecting customers of the MAPCO Express convenience store chain. The breach involved hackers remotely installing malware on card-processing systems, MAPCO reports.

The company stresses in its FAQ that it was not storing payment card information.

The convenience store chain also tells its customers: "The hackers may have obtained sufficient information to initiate fraudulent transactions on your account, using your name and card number. Even if you used a credit or debit card to make a payment at one of our stores during the relevant time periods, we cannot confirm whether or not your information was actually compromised."

Affected stores include MAPCO Express, MAPCO Mart, East Coast, Discount Food Mart, Fast Food and Fuel, Delta Express and Favorite Market located in Tennessee, Alabama, Arkansas, Georgia, Kentucky, Mississippi and Virginia.

Wednesday, May 8, 2013

OpUSA: A Lackluster DDoS Operation

The OperationUSA attack that the hacktivist group Anonymous announced would hit U.S. government and banking institution websites on May 7 apparently never gained traction.