BreachExchange mailing list archives
follow-up: TJX e-mails tell the tale
From: security curmudgeon <jericho () attrition org>
Date: Thu, 29 Nov 2007 07:41:19 +0000 (UTC)
---------- Forwarded message ---------- From: InfoSec News <alerts () infosecnews org> http://news.bostonherald.com/business/general/view.bg?articleid=1047504 By Donna Goodison November 28, 2007 Executives at TJX Cos., which in January revealed a massive security breach that put millions of its customers personal information at risk, knew two years ago that the companys wireless payment network was vulnerable to attack, according to court documents. In 2005, TJX officials also discussed the need to update the companys wireless network security to a more secure WiFi protected access (WPA) system and whether it could be deferred to save money, according to e-mail exchanges between TJX employees. The e-mails were included in court documents filed in a lawsuit brought by a group of banks against TJX. The security breach, the nations largest, began in mid-2005 and was discovered by TJX in late 2006. TJX has since been accused of failing to safeguard customers information and faces a myriad of lawsuits. Canadian officials who conducted their own investigation said criminals hacked into TJXs wireless networks while outside two Marshalls stores in Miami. The e-mails reveal TJX executives concerns about the network. [..] _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tenable Network Security offers data leakage and compliance monitoring solutions for large and small networks. Scan your network and monitor your traffic to find the data needing protection before it leaks out! http://www.tenablesecurity.com/products/compliance.shtml
Current thread:
- follow-up: TJX e-mails tell the tale security curmudgeon (Nov 29)