46 replies to this topic

[AplusWebMaster]

FYI...

Cards Stolen in Target Breach Flood Underground Markets
- http://krebsonsecuri...ground-markets/
Dec 20, 2013 - "Credit and debit card accounts stolen in a recent data breach at retail giant Target have been flooding underground black markets in recent weeks, selling in batches of one million cards and going for anywhere from $20 to more than $100 per card... At least two sources at major banks said they’d heard from the credit card companies: More than a million of their cards were thought to have been compromised in the Target breach... On Dec. 19, Target would confirm that crooks had stolen 40 million debit and credit cards from stores nationwide in a breach that extended from Nov. 27 to Dec. 15..."
(More detail at the krebsonsecurity URL above.)
___

Target probe looks overseas, stolen cards offered online
- http://www.reuters.c...E9BH1GX20131220
Dec 20, 2013 - "Investigators believe that overseas hackers were responsible for the cyber attack on U.S. retailer Target Corp that compromised up to 40 million payment cards during the first three weeks of the holiday shopping season, a person familiar with the matter said on Friday... The source declined to say how the hackers got in or where investigators believe they are based, saying investigators don't want to show their hand to the criminals or afford them a chance to destroy evidence... Target has provided exposed card numbers to Visa, MasterCard, Discover and American Express. Those companies are in turn providing the information to the financial institutions that issue them."
___

- http://online.wsj.co...276901918248632
Dec 23, 2013 - "... Target confirmed on Monday that the company is partnering with Secret Service to investigate the breach, and said its point-of-sale terminals in U.S. stores were infected by malware, or malicious software..."
 

Edited by AplusWebMaster, 24 December 2013 - 04:32 PM.

[AplusWebMaster]

FYI...

Hack took over BBC server, tried to 'sell' access on Christmas Day
- http://www.reuters.c...E9BS06K20131229
Dec 29, 2013 - "A hacker secretly took over a computer server at the BBC, Britain's public broadcaster, and then launched a Christmas Day campaign to convince other cyber criminals to pay him for access to the system. While it is not known if the hacker found any buyers, the BBC's security team responded to the issue on Saturday and believes it has secured the site, according to a person familiar with the cleanup effort. A BBC spokesman declined to discuss the incident. "We do not comment on security issues," he said. Reuters could not determine whether the hackers stole data or caused any damage in the attack, which compromised a server that manages an obscure password-protected website. It was not clear how the BBC, the world's oldest and largest broadcaster, uses that site, ftp.bbc. co .uk, though ftp systems are typically used to manage the transfer of large data files over the Internet. The attack was first identified by Hold Security LLC, a cybersecurity firm in Milwaukee that monitors underground cyber-crime forums in search of stolen information. The firm's researchers observed a notorious Russian hacker known by the monikers "HASH" and "Rev0lver," attempting to sell access to the BBC server on December 25..."
* http://www.holdsecur...om/#!about/cipy