Massive Security Breach Leaks Credit Card Info


Recently a fairly huge credit card breach occurred involving a large retail company called TJX, with more than 2,000 retail stores.

Some pretty well known brands there, I know I’ve used some of them…the sad part is they themselves still haven’t worked out the extent of the damage done to their information.

For me this has serious integrity implications.

The TJX Companies, a large retailer that operates more than 2,000 retail stores under brands such as Bob’s Stores, HomeGoods, Marshalls, T.J. Maxx and A.J. Wright, said on Wednesday that it suffered a massive computer breach on a portion of its network that handles credit card, debit card, check and merchandise transactions in the United States and abroad.

The company does not know the extent of the breach, which was first discovered in December 2006. However, hackers may have made off with credit and debit information from transactions in the United States, Canada and Puerto Rico in 2003 as well as transactions between May and December 2006, according to a company statement.

Hopefully the retailer and the credit card companies will bear the brunt of the hack attack and not pass the costs onto the customers.

I really believe customers shouldn’t be penalized for sloppy company security.

The TJX breach recalls other recent hacks, including BJ’s wholesale club and another, reportedly at OfficeMax in 2005. Those breaches, as well as incidents like the hacking of card processor Card Systems, prompted the payment card industry to issue new rules, dubbed the PCI, about how sensitive data is stored and transmitted on internal systems.

However, Spitzer of the MBA said that banks still bore the brunt of security breaches at retailers because they have to pay to reissue cards to customers and absorb the financial losses from unauthorized account withdrawals. Small banks and credit unions often have trouble absorbing those costs, though they are not at fault in the breach itself, Spitzer said.

We’ll have to wait and see I guess.

Source: CSO Online

Posted in: Hacking News, Privacy

, , ,


Latest Posts:


ZigDiggity - ZigBee Hacking Toolkit ZigDiggity – ZigBee Hacking Toolkit
ZigDiggity a ZigBee Hacking Toolkit is a Python-based IoT (Internet of Things) penetration testing framework targeting the ZigBee smart home protocol.
RandIP - Network Mapper To Find Servers RandIP – Network Mapper To Find Servers
RandIP is a nim-based network mapper application that generates random IP addresses and uses sockets to test whether the connection is valid or not with additional tests for Telnet and SSH.
Nipe - Make Tor Default Gateway For Network Nipe – Make Tor Default Gateway For Network
Nipe is a Perl script to make Tor default gateway for network, this script enables you to directly route all your traffic from your computer to the Tor network.
Mosca - Manual Static Analysis Tool To Find Bugs Mosca – Manual Static Analysis Tool To Find Bugs
Mosca is a manual static analysis tool written in C designed to find bugs in the code before it is compiled, much like a grep unix command.
Slurp - Amazon AWS S3 Bucket Enumerator Slurp – Amazon AWS S3 Bucket Enumerator
Slurp is a blackbox/whitebox S3 bucket enumerator written in Go that can use a permutations list to scan externally or an AWS API to scan internally.
US Government Cyber Security Still Inadequate US Government Cyber Security Still Inadequate
Surprise, surprise, surprise - an internal audit of the US Government cyber security situation has uncovered widespread weaknesses, legacy systems and poor adoption of cyber controls and tooling.


One Response to Massive Security Breach Leaks Credit Card Info

  1. Antares March 5, 2007 at 2:02 pm #

    Greetings! Very impressed by your tech savvy, Darknet! I especially like your Users Online facility – how can I install something like that on my blogger template? Any tips would be deeply appreciated, thanks! Please email me directly if you can: Antares@magickriver.com

    Thanks very much and all the best in the Year of the Pig!