http://www.wired.com/threatlevel/2014/01/target-hack/
By Kim Zetter
Threat Level
Wired.com
01.17.14
A gang of shadowy hackers tears through the systems of big-box retailers,
making off with millions of credit and debit card numbers in a matter of
weeks and generating headlines around the country.
Target and Neiman Marcus last week? Nope. This oh-so-familiar attack
occurred in 2005.
That’s when Albert Gonzalez and cohorts -- including two Russian
accomplices -- launched a three-year digital rampage through the networks
of Target, TJ Maxx, and about half a dozen other companies, absconding
with data for more than 120 million credit and debit card accounts.
Gonzalez and other members of his team eventually were caught: he's
serving two concurrent sentences for his role, amounting to 20 years and a
day in prison, but the big-box breaches go on.
The latest string of hacks attacking Target, Neiman Marcus, and others
raise an obvious question: How is it that nearly a decade after the
Gonzalez gang pulled off its heists, little has changed in the protection
of bank card data?
Target got off easy in the first breach: A spokeswoman told Reuters an
"extremely limited" number of payment card numbers were stolen from the
company by Gonzalez and his gang. The other companies weren’t as lucky:
TJX, Hannaford Brothers grocery chain, the Dave & Busters restaurant
chain, Office Max, 7-Eleven, BJ's Wholesale Club, Barnes & Noble, JC
Penney, and, most severely, Heartland Payment Systems, were hit hard.
[...]
--
Subscribe to InfoSec News
http://www.infosecnews.org/subscribe-to-infosec-news/
