Network Security News

Heartland hacker identified

Monday, January 26, 2009

The cybercriminal responsible for the Heartland Payment Systems breach has been identified by the Secret Service with the hacker's location "pinpointed" outside of North America.

According to the trade publication Storefront Backtalk, the investigation has been turned over to the U.S. Department of Justice.
On Friday, a spokesman for the company said the malware attack came from a "sophisticated bug," SCMagazineus.com reports.

There is still no word as to how many of Heartland's customers were compromised from the attack, though it was confirmed by the company no Social Security numbers, unencrypted personal identification numbers (PIN), addresses or phone numbers were involved in the breach. Heartland handles approximately 100 million card transactions from 175,000 merchants each month.

Heartland's security breach is similar to past corporate attacks such as TJX, which lost an estimated 94 million credit card numbers. To date, it is still the largest reported data-loss incident in history.
Robert Carr, founder and chairmen of Heartland, told Darkreading.com the company may have found the problem sooner if security information was shared among companies in the market.

"Up to this point, there has been no information sharing, thus empowering cybercriminals to use the same or slightly modified techniques over and over again," Carr said.ADNFCR-1765-ID-18991949-ADNFCR

Related News:

Zeus botnet performs MySpace spam campaign to spread itself further - 11.20.2009
A sophisticated Trojan dubbed "Zeus" has sent a flood of email messages to MySpace users in an attempt to propagate itself onto more computers, according to researchers at the University of Alabama at Birmingham.

Experts dissect Chrome OS security features - 11.20.2009
Yesterday's release of Google's groundbreaking new cloud-based operating system, Chrome OS, has caused a stir in techie circles, with experts of all stripes rushing to examine the product and issue their judgments.

Microsoft counts Chrome coup with discovery of security flaw - 11.20.2009
Security researchers at Microsoft recently discovered a security vulnerability in Google's controversial Chrome Frame for Internet Explorer, a browser plug-in that simulates Chrome functionality within an Internet Explorer session.

iPhone user sues games maker, claiming to have found hidden spyware - 11.18.2009
An iPhone gamer filed a federal lawsuit against mobile game programmer Storm8 today, alleging that the company violated his privacy by including hidden code in its games that gathered his personal information without permission.

Government watchdog warns of possible IT leaks at Los Alamos - 11.16.2009
The Government Accountability Office has issued a report on data security at the Los Alamos National Laboratory which says that sensitive and highly classified information is vulnerable to outside access.
View Related Resources
Or
Watch an Online Demo
Or
Have us call you now