Tuesday, June 21, 2005

Security headache for CVS customers?

Security headache for CVS customers?

According to this blog, CVS is currently pulling access to their customer loyalty card (ExtraCare) via the internet because of a security hole. CVS has 50 million of these cards out all over.

Not anything like credit cards, but still an issue none the less.

posted by Kirk at 8:59 PM 0 comments

Lost Credit Data Improperly Kept, Company Admits - New York Times

Lost Credit Data Improperly Kept, Company Admits - New York Times

Apparently, there is more information about the CardSystems had not followed Visa and MasterCard Regulation in storing the data that was exposed. This included names, account numbers, expiration dates, and security codes. It also appears that a trojan program entered CardSystem's network.

posted by Kirk at 12:05 AM 0 comments

Saturday, June 18, 2005

MasterCard: 68,000 Customers at High Risk - Yahoo! News

MasterCard: 68,000 Customers at High Risk - Yahoo! News

An update to the story...of the 40 million cards exposed by CardSystems Solutions, about 13.9 million accounts were MasterCard. The rest are Visa, Discover, and Amex (even though Amex says this is to a lesser extent). MasterCard says that of these 13.9 cards, about 68,000 are a higher risk. A quick calculation (assuming the rate of the 1st third of the cards) yields about 200k cards being higher risk. I wonder what they consider a higher level of risk.

The card compromise affects both credit and debit cards, so I can forsee a great problem with people's checking accounts.

From what I also understand, the compromise occured when a trojan was installed on the internal network. For sensitive data, one would think they would be more diligent in preventing this situation from occurring.

posted by Kirk at 7:21 PM 0 comments

Friday, June 17, 2005

MasterCard Cites Security Breach

MasterCard Cites Security Breach

Apparently, one of MasterCard's processors had a security breach, exposing 40 million credit and debit cards. Many financial institutions will have a lot of effort replacing these cards. The need for data security is quite evident these days as various companys are playing a very bad game of can you top this.

Another write up can be found at SecurityFocus.com

posted by Kirk at 5:11 PM 0 comments

Saturday, June 11, 2005

Threatchaos.com Gartner presentation

Richard Stiennon had a very interesting presenation at the Gartner conference this week. He is the VP of Threat Research at Webroot Software. The presentation is in the blog of his below. It basically looks at what he sees as the potential spyware threat for the coming year.

Threatchaos.com: "Latest ThreatChaos Presentation

posted by Kirk at 6:05 PM 0 comments