Cybercrime firm: Six attacks taking place on U.S. retailers

Cyber-crime specialist IntelCrawler has identified at least six attacks on credit-card processing systems at U.S. retailers using the BlackPOS software that was deployed in the assault on Target.

The hackers have stolen payment-card data, although IntelCrawler CEO Andrew Komarov doesn't know how much.

More on retail cyber-attack


From other sites
Comments (5)
  • positivethoughts
    , contributor
    Comments (2065) | Send Message
    There is no way a 17 year old Russian teenager was responsible for the Target credit card data breach. That was the U.S. government at work. The U.S. government is trying to create so much panic so they can 'supervise' every financial transaction that occurs between humans on earth.
    19 Jan 2014, 10:52 PM Reply Like
  • therealevan
    , contributor
    Comments (243) | Send Message
    So much for positive thoughts.
    20 Jan 2014, 12:02 AM Reply Like
  • Derek A. Barrett
    , contributor
    Comments (3554) | Send Message
    Systems are so open and vulnerable it's not even funny. There are so many ways in.


    Companies need to protect these systems but they also need a Plan B and need to assume that they are going to get hacked at some point and need a game plan to deal with the fallout as quickly as possible.


    Hoping bad stuff won't happen is not a plan, expecting it and preparing for it is a much better strategy.


    This sort of reminds me of companies before 9/11 that did not have a Disaster Recovery plan.


    Companies now need a Security Breach plan as well. This has more to do with processes and best practices than actual technology.
    20 Jan 2014, 01:49 AM Reply Like
  • financeminister
    , contributor
    Comments (1218) | Send Message
    It's very easy if you have someone working on the inside either knowingly or unknowningly (social engineering)... social engineering is easier to stop if you have good anti-viruses and firewalls. However if you have a good guy inside who becomes a bad guy, then you're doomed. I was a consultant having a low level IT position at one of the biggest pharmacutical companies with access to their past and former employee's personal data and that was all you needed for identity theft. I always wondered how they were comfortable with me having access to such information (I'm not even an American but I did developed a few years of trust) even though I didn't technically need visibility to such sensitive information. They were very strict with data for people on the outside... but a select circle on the inside had it easier. Now-a-days whenever someone offers me production level write access or access to personal identifiable information, I politely refuse stating I'm a consultant. IMHO, much of the basis for IT security is good will of the people inside. The only reason an organization that's as security paranoid as the NSA got Snowed-In was because Edward was inside.
    20 Jan 2014, 02:30 PM Reply Like
  • Derek A. Barrett
    , contributor
    Comments (3554) | Send Message
    You nailed it perfectly.
    20 Jan 2014, 03:22 PM Reply Like
DJIA (DIA) S&P 500 (SPY)
ETF Screener: Search and filter by asset class, strategy, theme, performance, yield, and much more
ETF Performance: View ETF performance across key asset classes and investing themes
ETF Investing Guide: Learn how to build and manage a well-diversified, low cost ETF portfolio
ETF Selector: An explanation of how to select and use ETFs