BreachExchange mailing list archives
USC investigates credit card security breach
From: security curmudgeon <jericho () attrition org>
Date: Fri, 6 Jul 2012 22:34:13 -0500 (CDT)
---------- Forwarded message ---------- From: InfoSec News <alerts () infosecnews org> http://dailytrojan.com/2012/06/28/usc-investigates-credit-card-security-breach/ By Daniel Rothberg Daily Trojan June 28, 2012 A forensic investigation led by Ernst & Young found instances of credit card theft at several USC Hospitality venues over at least a one-month period, according to an email from Dan Stimmler, associate senior vice president of auxiliary services. Credit card numbers were obtained because of a breach in third-party software that the university installed three years ago, Stimmler said to the Daily Trojan. Though credit card numbers were stolen, no personal information was compromised, the email said. The university received its first reported theft June 20 and contracted Ernst & Young the following day to gather more details, investigate who might be responsible and look into ways to prevent a future security breach, Stimmler said. According to the email, the investigation has found that the thefts began on May 21 -- or possibly earlier -- and ended June 21 after USC Auxiliary Services discovered the breach and shut down the system. The affected hospitality venues include the Ronald Tutor Campus Center, Seeds, The Lab and the Starbucks on the Health Sciences Campus. [...] _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security equips organizations with security intelligence, risk management services and on-demand security solutions to establish customized risk-based programs to address information security and compliance challenges. Tenable Network Security (http://www.tenable.com/) Tenable Network Security provides a suite of solutions which unify real-time vulnerability, event and compliance monitoring into a single, role-based, interface for administrators, auditors and risk managers to evaluate, communicate and report needed information for effective decision making and systems management.
Current thread:
- USC investigates credit card security breach Jake Kouns (Jul 03)
- <Possible follow-ups>
- USC investigates credit card security breach security curmudgeon (Jul 09)