BreachExchange mailing list archives
Re: TJX breach shows that encryption can be foiled
From: "Avery Sawaba" <avery.sawaba () gmail com>
Date: Tue, 3 Apr 2007 00:00:11 -0400
I just read over the 10-k again, and I think they've included enough information to figure out what happened, using some educated guesses. I'm going to start working on "reverse engineering" the statements. --Sawaba On 4/2/07, Chris Walsh <cwalsh () cwalsh org> wrote:
On Apr 2, 2007, at 2:44 PM, Casey, Troy # Atlanta wrote: > It should make for a short list of suspects, assuming TJX was doing a > reasonable job of key management... That (reasonable key management) is a critical assumption. I'd be interested in learning what algorithm (and implementation thereof) they were using, as well. Not holding my breath on that info :^) cw _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tracking more than 203 million compromised records in 609 incidents over 7 years.
_______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tracking more than 203 million compromised records in 609 incidents over 7 years.
Current thread:
- TJX breach shows that encryption can be foiled lyger (Apr 01)
- Re: TJX breach shows that encryption can be foiled B.K. DeLong (Apr 02)
- Re: TJX breach shows that encryption can be foiled Casey, Troy # Atlanta (Apr 02)
- Re: TJX breach shows that encryption can be foiled Chris Walsh (Apr 02)
- Re: TJX breach shows that encryption can be foiled Adrian Sanabria (Apr 02)
- Re: TJX breach shows that encryption can be foiled Avery Sawaba (Apr 03)
- Re: TJX breach shows that encryption can be foiled DAIL, ANDY (Apr 03)
- Re: TJX breach shows that encryption can be foiled Sean Steele (Apr 03)
- Re: TJX breach shows that encryption can be foiled DAIL, ANDY (Apr 03)
- Re: TJX breach shows that encryption can be foiled B.K. DeLong (Apr 03)
- Re: TJX breach shows that encryption can be foiled James Childers (Apr 03)
- Re: TJX breach shows that encryption can be foiled Sean Steele (Apr 03)
- Re: TJX breach shows that encryption can be foiled Casey, Troy # Atlanta (Apr 02)
- Re: TJX breach shows that encryption can be foiled B.K. DeLong (Apr 02)
- <Possible follow-ups>
- Re: TJX breach shows that encryption can be foiled Dissent (Apr 03)
- Re: TJX breach shows that encryption can be foiled Chris Walsh (Apr 03)
- Re: TJX breach shows that encryption can be foiled Donald Aplin (Apr 03)
- Re: TJX breach shows that encryption can be foiled James Ritchie, CISA, QSA (Apr 03)