DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Top Experts Examine Causes Of Breaches In Spy Museum Forensics Panel

Posted on December 3, 2009 by Dissent

Tim Wilson writes:

Here at the U.S. Spy Museum, breaches are taken seriously. And in a panel held here last night, four top security experts had some serious advice for enterprises and security professionals.

[…]

If companies are going to defend themselves against the onslaught of attacks, panelists said, they need to change the way they approach the security problem. Carr observed that the Heartland breach — which turned out to be one of some 300 compromises orchestrated by a single group of attackers — might have been detected and stopped much earlier if companies and law enforcement agencies had shared the information they had about the SQL injection malware that was responsible for the leaks.

“After it happened, I contacted the other payment systems companies and offered to share the malware with them so that they would know what to look out for,” Carr said. “That was the beginning of something. We’re now sharing data between us, even though many of us are bitter competitors in the market. Some of them ran scans for the malware and found it on their systems. We’ve had the FBI come to us and share malware with us, as well. These are things that might never have happened a year ago.”

[…]

Companies also should be prepared for the possibility that even their best defenses will be compromised, the experts said. “At Heartland, we built a transaction network that was completely separate from our corporate network,” Carr said. “But we were breached from the corporate network. It took the hackers about six months to find a way to get into our payment network from our corporate network, but they found it.”

Read the full story on Dark Reading.

Category: Commentaries and Analyses

Post navigation

← Judge throws out lawsuit against Express Scripts
If DOD can do this, why can’t they manage to remove SSNs? →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Why Dumping Sensitive Data on Network Shares is a Liability
  • A militarily degraded Iran may turn to asymmetrical warfare – raising risk of proxy and cyber attacks
  • Pro-Russian hackers disrupt Dutch government websites ahead of NATO summit
  • Iran-Linked Threat Actors Leak Visitors and Athletes’ Data from Saudi Games
  • UK: Oxford City Council still investigating cyberattack from earlier this month
  • Steelmaker Nucor Says Hackers Stole Data in Recent Attack
  • People’s Republic of China cyber threat activity: Cyber Threat Bulletin
  • Ukrainian Web3 security auditing company Hacken suffered an attack that allowed a hacker to create 900 million HAI tokens
  • McLaren provides written notice to 743,131 patients after ransomware attack in July 2024 (2)
  • A state forensics lab was leaking its files. Getting it locked down involved a number of people.

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Sky Views Personal Data as a Potential Weapon in IPTV Piracy War
  • Florida Used a Nationwide Surveillance Camera Network 250 Times To Aid in Immigration Arrests
  • Federal Court Strikes Down HIPAA Reproductive Health Care Privacy Rule
  • The Markup caught 4 more states sharing personal health data with Big Tech
  • Privacy in the Big Sky State: Montana’s Consumer Privacy Law Gets Amended
  • UK Passes Data Use and Access Regulation Bill
  • Officials defend Liberal bill that would force hospitals, banks, hotels to hand over data

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.