Back in April 2013, 80sTees (80sTees.com) notified a number of state attorneys general that their customer payment card data had been compromised. According to reports to New Hampshire, Vermont, Maryland, and California: on January 29, 2013, the Pennsylvania-headquartered firm was asked by Discover to examine their system after suspicious charges were noted on customers’ cards following purchases…
Category: Malware
Neiman Marcus Missed 60,000 Alerts As Hackers Stole Credit Card Info
Ben Elgin, Dune Lawrence, and Michael Riley report: The hackers who raided the credit-card payment system of Neiman Marcus Group (NMG) set off alerts on the company’s security systems about 60,000 times as they slunk through the network, according to an internal company investigation. The hackers moved unnoticed in the company’s computers for more than eight months, sometimes…
Cost of Target data breach exceeds $200M so far just for card replacement-related costs for 22M customers
From the Credit Union National Association: Financial institutions continue to respond to the massive data breach at Target. According to data collected by the Consumer Bankers Association (CBA) and the Credit Union National Association the costs associated with the Target data breech (sic) exceed $200 million. CBA estimates the cost of card replacements for its members to have reached…
Hackers used previously unknown Internet Explorer flaw in new attacks
Joseph Menn reports: A previously unknown flaw in a recent version of Microsoft Corp’s Internet Explorer web browser is being used to attack Internet users, including some visitors to a major site for U.S. military veterans, researchers said Thursday. Security firm FireEye Inc discovered the attacks against IE 10 this week, saying that hundreds or…
Email Attack on Vendor Set Up Breach at Target
Brian Krebs reports: The breach at Target Corp. that exposed credit card and personal data on more than 110 million consumers appears to have begun with a malware-laced email phishing attack sent to employees at an HVAC firm that did business with the nationwide retailer, according to sources close to the investigation. Read more on KrebsOnSecurity.com
Statement on Target data breach by HVAC vendor Fazio Mechanical Services
Statement on Target data breach Fazio Mechanical Services, Inc. places paramount importance on assuring the security of confidential customer data and information. While we cannot comment on the on-going federal investigation into the technical causes of the breach, we want to clarify important facts relating to this matter: Fazio Mechanical does not perform remote monitoring…