__/ [ Doug Mentohl ] on Monday 02 April 2007 19:22 \__
> 'US discount retailer TJX, owner of UK retailer TK Maxx, revealed in a
> regulatory filing on Wednesday that at least 45.7 million payment card
> details had been stolen by hackers'
>
> 'David Litchfield .. said that companies should give technical details
> of hacks so the security community could learn how to combat similar
> breaches in the future'
>
> "TK Maxx has not specified how it was done,"
>
> "It could have been any number of vulnerabilities. [The hackers] are
> supposed to have had access for two years, so we're looking at a
> vulnerability from two years ago ? take your pick."
>
> "You always hear of breaches ? 50,000 credit card numbers stolen,
> 100,000 security numbers. That's not interesting ? we need to know how
> they did it. We need to know they were running XYZ system, exploiting
> XYZ flaw, using such and such a rootkit ? that's what we need to know.
> Why people don't talk about this is beyond me ? it will teach people
> what not to do,"
>
> http://news.zdnet.co.uk/security/0,1000000189,39286573,00.htm
Now, that's some serious blunder. It comes to show how the choice of a
system, made by /other/ people, can actually hurt all of us. Needless to
say, when making a purchase, they will never warn the customer, saying how
likely the credit card details are to be stolen through malware. How many
such stories never get reported? How often does data get stolen without the
breach being detected or without the business admitting a known failure,
which could lead to class action lawsuits/
--
~~ Best wishes
Roy S. Schestowitz | Windows: innovative VTP technology (Virus Transfer
Protocol)
http://Schestowitz.com | Open Prospects ¦ PGP-Key: 0x74572E8E
Tasks: 124 total, 1 running, 121 sleeping, 0 stopped, 2 zombie
http://iuron.com - knowledge engine, not a search engine
|
|
