funsec mailing list archives
TJ Max was a result of wardriving?
From: "Alex Eckelberry" <AlexE () sunbelt-software com>
Date: Tue, 5 Aug 2008 18:32:47 -0400
http://blogs.zdnet.com/BTL/?p=9572 The U.S. Department of Justice and the U.S. Attorneys offices in Massachusetts and California announced today that they have indicted 11 individuals as part of an international ring of hackers <http://ap.google.com/article/ALeqM5iL9Fn3VNKRc00RHOLhI-cC-qEVwwD92C8RIO 1> (really, crackers) who purloined at least 40 million credit card and debit card numbers. The numbers were swiped from some of the biggest names in U.S. retailing: TJX <http://www.baselinemag.com/c/a/Intelligence/Why-Encryption-Didnt-Save-T JX/> Companies (aka TJ Maxx), Barnes & Noble, Office Max, Boston Market, Sports Authority, BJ's Wholesale Club, Forever 21 and DSW, a shoe seller. The co-conspirators are accused of using "wardriving" to help them get into the companies' networks, through wireless access points, and then put sniffers in place, to pick off the numbers as they moved through the networks. If any company is still exposing itself to "wardriving,'' pretty much shame on it, at this point. If your network is still open to folks who drive by in cars and pull down your data, the basics on how to avoid the problem have been out there since before Best Buy <http://www.baselinemag.com/c/a/Projects-Security/Best-Buy-May-Day-Mayda y-for-Security/2/> faced this problem. And you'll want to get with the program at the Payment Card Industry Security Standards Council <https://www.pcisecuritystandards.org/> .
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- TJ Max was a result of wardriving? Alex Eckelberry (Aug 05)