Massive Security Breach Leaks Credit Card Info


Recently a fairly huge credit card breach occurred involving a large retail company called TJX, with more than 2,000 retail stores.

Some pretty well known brands there, I know I’ve used some of them…the sad part is they themselves still haven’t worked out the extent of the damage done to their information.

For me this has serious integrity implications.

The TJX Companies, a large retailer that operates more than 2,000 retail stores under brands such as Bob’s Stores, HomeGoods, Marshalls, T.J. Maxx and A.J. Wright, said on Wednesday that it suffered a massive computer breach on a portion of its network that handles credit card, debit card, check and merchandise transactions in the United States and abroad.

The company does not know the extent of the breach, which was first discovered in December 2006. However, hackers may have made off with credit and debit information from transactions in the United States, Canada and Puerto Rico in 2003 as well as transactions between May and December 2006, according to a company statement.

Hopefully the retailer and the credit card companies will bear the brunt of the hack attack and not pass the costs onto the customers.

I really believe customers shouldn’t be penalized for sloppy company security.

The TJX breach recalls other recent hacks, including BJ’s wholesale club and another, reportedly at OfficeMax in 2005. Those breaches, as well as incidents like the hacking of card processor Card Systems, prompted the payment card industry to issue new rules, dubbed the PCI, about how sensitive data is stored and transmitted on internal systems.

However, Spitzer of the MBA said that banks still bore the brunt of security breaches at retailers because they have to pay to reissue cards to customers and absorb the financial losses from unauthorized account withdrawals. Small banks and credit unions often have trouble absorbing those costs, though they are not at fault in the breach itself, Spitzer said.

We’ll have to wait and see I guess.

Source: CSO Online

Posted in: Hacking News, Privacy

, , ,


Latest Posts:


Fuzzilli - JavaScript Engine Fuzzing Library Fuzzilli – JavaScript Engine Fuzzing Library
Fuzzilii is a JavaScript engine fuzzing library, it's a coverage-guided fuzzer for dynamic language interpreters based on a custom intermediate language.
OWASP APICheck - HTTP API DevSecOps Toolset OWASP APICheck – HTTP API DevSecOps Toolset
APICheck is an HTTP API DevSecOps toolset, it integrates existing tools, creates execution chains easily and is designed for integration with 3rd parties.
trident - Automated Password Spraying Tool trident – Automated Password Spraying Tool
The Trident project is an automated password spraying tool developed to be deployed on multiple cloud providers and provides advanced options around scheduling
tko-subs - Detect & Takeover Subdomains With Dead DNS Records tko-subs – Detect & Takeover Subdomains With Dead DNS Records
tko-subs is a tool that helps you to detect & takeover subdomains with dead DNS records, this could be dangling CNAMEs point to hosting services and more.
Arcane - Tool To Backdoor iOS Packages (iPhone ARM) Arcane – Tool To Backdoor iOS Packages (iPhone ARM)
Arcane is a simple script tool to backdoor iOS packages (iPhone ARM) and create the necessary resources for APT repositories.
SharpHose - Asynchronous Password Spraying Tool SharpHose – Asynchronous Password Spraying Tool
SharpHose is an asynchronous password spraying tool in C# for Windows environments that takes into consideration fine-grained password policies and can be run over Cobalt Strike's execute-assembly.


One Response to Massive Security Breach Leaks Credit Card Info

  1. Antares March 5, 2007 at 2:02 pm #

    Greetings! Very impressed by your tech savvy, Darknet! I especially like your Users Online facility – how can I install something like that on my blogger template? Any tips would be deeply appreciated, thanks! Please email me directly if you can: Antares@magickriver.com

    Thanks very much and all the best in the Year of the Pig!