Home Depot has issued an update on the breach disclosed earlier this month. The company reports that it has completed “a major payment security project that provides enhanced encryption of payment data at point of sale in the company’s U.S. stores, offering significant new protection for customers. Roll-out of enhanced encryption to Canadian stores will be complete…
Category: Malware
Neiman Marcus Skirts Data Breach Class Action
Law360 reports: An Illinois federal judge on Tuesday tossed a proposed class action alleging that Neiman Marcus Group LLC negligently failed to protect 350,000 customers’ credit card information prior to a 2013 hack into the high-end department store’s servers, ruling the plaintiffs had lacked Article III standing. Granting the defendant’s motion to dismiss, U.S. District…
Hackers lock up thousands of Australian computers, demand ransom
Ben Grubb reports: Thousands of Australian computers are being locked up by hackers using malicious software that encrypts files and asks for a ransom to make them available again. Fairfax Media understands Australian government agencies and a number of large enterprises and individuals have been successfully targeted by the scam. Called “Cryptolocker” and “CryptoWall”, the…
Breach at Goodwill Vendor Lasted 18 Months
Brian Krebs reports: C&K Systems Inc., a third-party payment vendor blamed for a credit and debit card breach at more than 330 Goodwill locations nationwide, disclosed this week that the intrusion lasted more than 18 months and has impacted at least two other organizations. Read more on KrebsOnSecurity.com. I wonder when we’ll find out who the other two C&K clients were….
George Mason University notifies 4,400 of malware intrusion
George Mason University recently notified 4,400 people that personal information stored in a Travel Request Applications database could have been accessed due to a malware intrusion. Forensic examination of the server did not find any evidence of access to the data or exfiltration, but could not conclusively rule out the possibility. The intrusion was discovered…
Home Depot Malware Hints at Different Hackers Than Target’s
Dune Lawrence and Michael Riley report: Home Depot was hacked with a malicious software program that plunders store registers while disguising itself as antivirus software, according to two security researchers. The credit card-stealing program used in the attack on the Atlanta-based retailer is being dubbed FrameworkPOS, and differs significantly from the software used last year to…