[funsec] TJ Max was a result of wardriving?

Alex Eckelberry AlexE at sunbelt-software.com
Tue Aug 5 17:32:47 CDT 2008


http://blogs.zdnet.com/BTL/?p=9572
 

The U.S. Department of Justice and the U.S. Attorneys offices in
Massachusetts and California announced today that they have indicted 11
individuals as part of an international ring of hackers
<http://ap.google.com/article/ALeqM5iL9Fn3VNKRc00RHOLhI-cC-qEVwwD92C8RIO
1>  (really, crackers) who purloined at least 40 million credit card and
debit card numbers.

The numbers were swiped from some of the biggest names in U.S.
retailing: TJX
<http://www.baselinemag.com/c/a/Intelligence/Why-Encryption-Didnt-Save-T
JX/>  Companies (aka TJ Maxx), Barnes & Noble, Office Max, Boston
Market, Sports Authority, BJ's Wholesale Club, Forever 21 and DSW, a
shoe seller.

The co-conspirators are accused of using "wardriving" to help them get
into the companies' networks, through wireless access points, and then
put sniffers in place, to pick off the numbers as they moved through the
networks.

If any company is still exposing itself to "wardriving,'' pretty much
shame on it, at this point. If your network is still open to folks who
drive by in cars and pull down your data, the basics on how to avoid the
problem have been out there since before Best Buy
<http://www.baselinemag.com/c/a/Projects-Security/Best-Buy-May-Day-Mayda
y-for-Security/2/>  faced this problem. And you'll want to get with the
program at the Payment Card Industry Security Standards Council
<https://www.pcisecuritystandards.org/> .

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://linuxbox.org/pipermail/funsec/attachments/20080805/db7781d1/attachment.htm 


More information about the funsec mailing list