User Name: Password:
Credit Card
Credit Card

Card Data Breaches

Home Depot Breach Confirmed, Stolen Info Used to Change Pins, Collect Money

September, 2014

Help Net Security reports Home Depot confirmed that it suffered a breach of its payment data systems. The breach could impact any customers that have, from April forward, used their payment card at the company’s U.S. and Canadian stores. Customers who shopped online at HomeDepot.com and those who shopped in the company’s Mexican stores will likely not be affected. After reassuring customers that their check information and PINs tied to their debit cards were not compromised in the breach, the company has, nevertheless, urged users to review their bank statements for suspicious transactions. Finally, they made sure to note that potentially affected customers will not be responsible for any fraudulent charges to their accounts, and they will be offered free identity protection and credit monitoring services. No more details about the breach itself were given, so it’s still unconfirmed whether the attackers used a variant of the BlackPOS (or Kaptoxa) malware to collect the payment card data, as anonymous sources reported.

Home Depot Already Faces Breach Lawsuit

September, 2014

Bank Info Security reports Home Depot has been hit with a class action lawsuit stemming from a suspected data breach at the home improvement retailer. While one legal expert portrays the lawsuit as premature, because the investigation is still under way, another says the filing was made because it’s highly likely the breach will be confirmed. The lawsuit, filed Sept. 4 in the U.S. District Court for the Northern District of Georgia, alleges that the retailer failed to meet its legal obligation to protect customers’ credit card and personal information. It also accuses Home Depot of not notifying its customers about the alleged breach, with the facts only coming out following revelations of a potential incident by security blogger Brian Krebs.

Nearly All U.S. Home Depot Stores Hit in Data Breach

September, 2014

Krebs on Security reports new data gathered from the cybercrime underground suggests that the apparent credit and debit card breach at Home Depot involves nearly all of the company’s stores across the nation. Evidence that a major U.S. retailer had been hacked and was leaking card data first surfaced September 2 on the cybercrime store rescator[dot]cc, the shop that was principally responsible for selling cards stolen in the Target, Sally Beauty, P.F. Chang’s and Harbor Freight credit card breaches. As with cards put up for sale in the wake of those breaches, Rescator’s shop lists each card according to the city, state and ZIP code of the store from which each card was stolen. A comparison of the ZIP code data between the unique ZIPs represented on Rescator’s site, and those of the Home Depot stores shows a staggering 99.4 percent overlap.

BackOff Not to Blame for GoodWill Breach

September, 2014

Dark Reading reports that despite the retail industry’s new fervor over the Backoff malware, it was Rawpos, not Backoff, that is to blame for the breach at Goodwill retail stores, reported in July. Symantec gave Rawpos a risk rating of “very low” when they discovered the infostealer in February. Very low risk or not, Rawpos was used to compromise 330 of Goodwill’s independently operated “member” stores in 20 US states, and exposed information on 868,000 credit cards, a Goodwill representative confirms. Goodwill recently released details about the scope and nature of the breach, stating that “The investigation found no evidence of malware on any internal Goodwill systems… The impacted Goodwill members used the same affected third-party vendor to process credit card payments. Twenty Goodwill members (representing about 10 percent of all stores) that use the same affected third-party vendor were impacted.”

Dairy Queen: Another ‘Backoff’ Victim?

September, 2014

Data Breach Today reports Dairy Queen says it was recently notified by federal authorities that a limited number of its stores may have been hit by the ‘Backoff’ malware. Dairy Queen has more than 6,000 restaurants in the U.S., Canada and 18 other countries. The news comes in the aftermath of an Aug. 22 Department of Homeland Security advisory, which warned that more than 1,000 U.S. businesses have had their systems infected by Backoff, a new point-of-sale malware that has been linked to numerous remote-access attacks. An executive at one card issuing bank in the Southeast, who asked not to be named, tells Information Security Media Group that the bank has seen card fraud apparently tied to Dairy Queen transactions in recent weeks. Security blogger Brian Krebs was the first to report on a possible breach at the restaurant chain.

UPS Reveals Data Breach

August, 2014

Data Breach Today reports UPS is warning that subsidiary UPS Stores suffered a point-of-sale malware attack that compromised numerous card transactions over a seven-month period. All told, 51 of its U.S. franchised center locations across 24 states were infected, which may have resulted in attackers compromising customers’ personal information and payment card details, including some Social Security and driver’s license numbers, thus placing them at risk of identity theft and fraud. About 105,000 credit card and debit card transactions were compromised in the data breach, according to UPS spokeswoman Chelsea Lee. The number of customers affected has not been revealed.

PF Chang’s Data Breach Lasted 8 Months

August, 2014

Help Net Security reports Asian-themed US restaurant chain P.F. Chang’s China Bistro has finally provided some more details about the breach it suffered earlier this year, including the 33 restaurant locations where the security of their PoS systems was compromised. The company first found out about the compromise on June 10, 2014, when it was alerted by the US Secret Service. On the very next day, they moved to a manual processing system for all credit and debit card transactions. Once the affected hardware was replaced, they went back to their standard card processing system. The subsequent investigation revealed that the initial intrusion dates back to October 10, 2013. The company believes that the thieves made away with card numbers and, in some cases, also the cardholder’s name and/or the card’s expiration date. The stolen card data has appeared for sale on well-known carder store Rescator(dot)so in June, and was sold for prices between $18 to $140 per card.

The True Cost of Data Breaches

August, 2014

Bank Systems & Technology notes cyber security and protecting customer data continues to be top of mind for not only banks, but retailers, software firms, and any company that stores valuable data. These days it seems that not a week goes by without a report of another high-profile data breach. While data breaches are costly for retailers and for banks that have to reimburse customer losses due to fraud, there is also a significant cost to consumers as well. Overall, the true cost of data breaches is significantly higher than one would think, according to multi-factor authentication provider Authentify. The firm estimates each breach costs about $5.4 million for the affected companies.

Supermarket Chain Reveals New Breach

August, 2014

Data Breach Today reports the Supervalu supermarket chain is investigating a network intrusion that may have resulted in criminals compromising customer data from point-of-sale systems in more than 1,000 stores. Supervalu says unauthorized access to its systems began not before June 22 and lasted until July 17 at the latest, and may have resulted in the theft of data from 180 Supervalu grocery stores – including franchised stores – as well as standalone liquor stores across seven states. Supervalu, which is based in Eden Prairie, Minn., earned $34.3 billion in 2013 revenues and is the third-largest food retailer in the U.S., acting as a wholesale supplier to a number of food stores, as well as operating stores under such brand names as Cub, Farm Fresh, Shoppers, Shop ‘n Save and Hornbacher’s. The data breach may also have affected customers of 836 Albertsons, ACME Markets, Jewel-Osco, Shaw’s and Star Markets stores in 21 states.

Black Hat: SAP Systems Vulnerable to Payment Card Theft, Rerouting Payments

August, 2014

SC Magazine notes stealing stored payment card data and rerouting payments in SAP systems is easy for Ertunga Arsal. In a demonstration at Black Hat 2014, Arsal, who has audited hundreds of corporate and government enterprise SAP systems and uncovered hundreds of vulnerabilities, used a tool to launch a remote shell on a SAP system. He was able to gain admin user access, which ultimately enabled him to tap into vendor payment histories, as well as bank accounts also maintained in the SAP system. In the end, he showed how an attacker could reroute payments. Although detection can take longer if there is no proper security measures, Arsal said rerouting payments is typically a “one-shot kind of attack to SAP systems” because eventually the recipient will realize they have not been paid. Improved auditing and more automation will help the problem, Arsal said.

Article archive by topic

Card Data Breaches

Card Fraud

Identity Theft

Network Security

Skimming

Smart Cards