Heartland hacker identified
Monday, January 26, 2009
The cybercriminal responsible for the Heartland Payment Systems breach has been identified by the Secret Service with the hacker's location "pinpointed" outside of North America.
According to the trade publication Storefront Backtalk, the investigation has been turned over to the U.S. Department of Justice.
On Friday, a spokesman for the company said the malware attack came from a "sophisticated bug," SCMagazineus.com reports.
There is still no word as to how many of Heartland's customers were compromised from the attack, though it was confirmed by the company no Social Security numbers, unencrypted personal identification numbers (PIN), addresses or phone numbers were involved in the breach. Heartland handles approximately 100 million card transactions from 175,000 merchants each month.
Heartland's security breach is similar to past corporate attacks such as TJX, which lost an estimated 94 million credit card numbers. To date, it is still the largest reported data-loss incident in history.
Robert Carr, founder and chairmen of Heartland, told Darkreading.com the company may have found the problem sooner if security information was shared among companies in the market.
"Up to this point, there has been no information sharing, thus empowering cybercriminals to use the same or slightly modified techniques over and over again," Carr said.
Related News:
Cyber criminals exposed medical records - 3.8.2010
More than 18,000 patients, whose medical information is stored on the computer systems of five doctors in Torrance, California, were potential victims of identity theft in September when cyber criminals penetrated the doctors' networks, according to the Los Angeles Times.
McAfee advises companies to boost web security relating to source code - 3.4.2010
At the RSA Conference, currently taking place in San Francisco, McAfee released a report indicating that companies regularly use too few web security protocols when protecting intellectual property such as source code.
False social networking attacks provides teachable moment for web security - 2.25.2010
A unique tool developed to prevent the spread of malware from social networking websites has been recommended Processor.com, a web and network security news provider.
With global web security under siege, exports point to problems - 2.25.2010
In 2009, Garlik, a United Kingdom-based web security company, reported a 207 percent increase in malware use to overtake bank accounts. Recent events have also shown vulnerability in corporate, private and governmental web security systems.
Kaspersky reports malware growing more sophisticated - 2.24.2010
Kaspersky, a web security provider, reported Wednesday that while there is very little growth in the amount of malware currently roaming the web, it is becoming more advanced and much harder to detect.
|
