BreachExchange mailing list archives
Re: ALDI breach reports mushroom, customers in 11 states affected-Update
From: "Al" <macwheel99 () wowway com>
Date: Sun, 10 Oct 2010 14:48:55 -0500
ALDI was probably targeted because there are almost no employees, so no one to notice tampering with security equipment, such as the installation of a skimmer. Although there have been other cases of installing such hardware in stores with ample employees who failed to notice or report anything suspicious. In the past, payment terminal breaches are localized because hackers must physically access each device to manually tweak or replace the internal electronics. So there's lots of speculation how this breach was engineered, given that history. It could be that the Russian Mafia has arrived. Remember that they broke into the places that manufactured ATM machines etc. to install breach hardware from the very start of the hardware life cycle, resulting in massive breaches in Europe. Look at those cities on a map, and the striking thing is that they're so spread out. Could one gang of cyber thieves hit that many stores in that many areas at once, swapping the skimmer-equipped PIN pads in and out to collect card information, or use confederates in all the cities? It may be that this really was a summer road trip by one set of thieves. It could be a simple enough process: Steal PIN pads from a few ALDI stores. Install skimmers in them. Distribute them to stores spread across a city and its suburbs. Wait a day or so, then swap the original PIN pads back in the stores, collect the card information and head for the next city on your list to repeat the routine. If the thieves waited until their trip was done before using the stolen card information, they might have spent weeks collecting it without getting caught. There are stories of 100-200 customers of one store reporting getting victimized. How many customers a day do they have, who pay using those payment terminals? How many victims may not yet have reported in, who are due to ALDI? Is it necessary to swap the PIN pads to get the info? Can't that be done by wifi? Install the gadget that steals the data, have it send the info a short distance to a PC in trunk of car parked (legally so it no get towed) on nearby street, or even concealed on roof of a building. Periodic drive by to download the accumulated info (from the hidden PC, which need not be visited other than to replace the batteries or other power supply) via wi fi, so in case the PC is found by police, the drive by not figured out. http://www.storefrontbackt <http://www.storefrontbacktalk.com/securityfraud/aldi-pin-pads-tampered-with %e2%80%95and-theyre-all-over-the-map/2/#ixzz11v4KOv5c> alk.com/securityfraud/aldi-pin-pads-tampered-with%e2%80%95and-theyre-all-ove r-the-map/2/#ixzz11v4KOv5c http://www.computerworld.com/s/article/9189982/Aldi_data_breach_shows_paymen t_terminal_holes - Al Mac _____ From: dataloss-discuss-bounces () datalossdb org [mailto:dataloss-discuss-bounces () datalossdb org] On Behalf Of Christine Fulgham Sent: Thursday, October 07, 2010 11:24 AM To: dataloss-discuss () datalossdb org; dataloss () datalossdb org Subject: [Dataloss-discuss] ALDI breach reports mushroom,customers in 11 states affected-Update http://www.databreaches.net/?p=14383 The breach involving ALDI grocery stores is apparently larger than <http://www.databreaches.net/?p=13995> earlier <http://www.databreaches.net/?p=14120> reports <http://www.databreaches.net/?p=14267> suggested as reports trickle in from <http://www.wpxi.com/news/25245274/detail.html> Pittsburgh and other areas. The chain has updated its statement on its website today October 1, 2010 ALDI Inc. recently learned that, from approximately June 1, 2010 to August 31, 2010, tampered payment card terminals were illegally placed in some ALDI stores, enabling unauthorized individuals to fraudulently obtain payment card information from a limited number of our customers. The tampered terminals were capable of capturing information such as name, card account number and PIN. We believe some terminals in a limited number of stores in the following areas may have been impacted: Connecticut (limited to greater Hartford area) Georgia (limited to greater Atlanta area) Illinois (limited to greater Chicago area) Indiana (limited to greater Indianapolis area) Maryland New Jersey New York (limited to greater Rochester area and Lower Hudson Valley) North Carolina (limited to greater Charlotte and Raleigh areas) Pennsylvania (limited to greater Pittsburgh and Philadelphia areas) South Carolina (limited to greater Charlotte area) Virginia (limited to greater Washington, D.C. area) [...] ALDI says that they are a leader in the international grocery retailing industry, serving Europe, the USA and Australia and that they have over 1,000 stores in 29 states, serving 18 million customers each month No virus found in this incoming message. Checked by AVG - www.avg.com Version: 9.0.862 / Virus Database: 271.1.1/3188 - Release Date: 10/10/10 01:34:00
_______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Take CREDANT Technologies short survey on cloud usage and security. Take the survey: http://www.surveymonkey.com/s/TXDR7WT Respond by October 12, 2010. Enter to win a $500(US) Amazon Gift Card.
Current thread:
- ALDI breach reports mushroom, customers in 11 states affected-Update Christine Fulgham (Oct 07)
- Re: ALDI breach reports mushroom, customers in 11 states affected-Update Al (Oct 12)