Most of us are aware of the huge Target breach and they are now stating that the home depot breach may be related and all with the common denominator of self check out lanes. The software that was installed by the anonymous thieves to steal credit and debit card numbers were installed mainly on payment systems in the self-checkout lanes at the retail stores. The finding could mean thieves stole far fewer cards during the five month breach than they could have other wise.
The investigation is closely monitoring daily alerts for Visa and MasterCard for reports on new batches of accounts and associations believed to be compromised during the break in. Many banks have been bracing for a financial hit that is much larger than those caused by the breach at Target last December. The Target breach only lasted three weeks but it had exposed forty million cards. So far, Home Depot is not adding up to the Target breach which is a positive thing, and they think it is directly correlated with the length of time of exposure.
Officials at MasterCard today shared several updates from the ongoing investigation into the breach nationwide at the home improvement chain. MC reportedly told banks that at this time it is believes that only self-checkout terminals were impacted in the breach, but stressed that this investigation is still an on going one. Also up to date, the investigation has verified that approximately 1700 of the nearly 2000 US stores with another 112 stores in Canada have been potentially exposed.
The name of this infamous virus that led to the data breach is being referred to as BlackPOS. This infection has so far been identified at Target and Home Depot. The updated version of BlackPOS was first identified on Aug. 22, 2014 which has a few notable new features, including enhanced capability to capture card data from physical memory of the infected point-of-sale devices. The new version also has a feature that disguises the malware as a component of the antivirus product running on the system. An image of how the malware presents itself is pictured below:
Officials at MasterCard today shared several updates from the ongoing investigation into the breach nationwide at the home improvement chain. MC reportedly told banks that at this time it is believes that only self-checkout terminals were impacted in the breach, but stressed that this investigation is still an on going one. Also up to date, the investigation has verified that approximately 1700 of the nearly 2000 US stores with another 112 stores in Canada have been potentially exposed.
The name of this infamous virus that led to the data breach is being referred to as BlackPOS. This infection has so far been identified at Target and Home Depot. The updated version of BlackPOS was first identified on Aug. 22, 2014 which has a few notable new features, including enhanced capability to capture card data from physical memory of the infected point-of-sale devices. The new version also has a feature that disguises the malware as a component of the antivirus product running on the system. An image of how the malware presents itself is pictured below:
Here are some interesting statistics as far as data breaches go:
40 million – The number of credit and debit cards thieves stole from Target between Nov. 27 and Dec. 15, 2013.
70 million – The number of records stolen that included the name, address, email address and phone number of Target shoppers.
46 – The percentage drop in profits at Target in the fourth quarter of 2013, compared with the year before.
200 million – Estimated dollar cost to credit unions and community banks forreissuing 21.8 million cards — about half of the total stolen in the Target breach.
100 million – The number of dollars Target says it will spend upgrading their payment terminals to support Chip-and-PIN enabled cards.
0 – The number of customer cards that Chip-and-PIN-enabled terminals would have been able to stop the bad guys from stealing had Target put the technology in place prior to the breach (without end-to-end encryption of card data, the card numbers and expiration dates can still be stolen and used in online transactions).
0 – The number of people in Chief Information Security Officer (CISO) or Chief Security Officer (CSO) jobs at Target (according to the AP).
18.00 – 35.70 - The median price range (in dollars) per card stolen from Target and resold on the black market (range covers median card price on Feb. 19, 2014 vs. Dec. 19, 2013, respectively).
Not only are social networks causing a privacy concern, but now daily activities such as grocery shopping can cause a concern for your privacy.
No comments:
Post a Comment