A security breach that yielded Neiman Marcus customers' payment card information went undetected for nearly six months, according a report in the New York Times.
The upscale department store revealed Friday that hackers may have stolen customers' credit and debit card information during an intrusion it detected in mid-December, but sources told the Times that the earliest time stamp on the breach was from July. During a call with credit card companies on Monday, the company acknowledged that the intrusion had been fully contained only a day earlier, three days after it was publicly revealed, sources told the newspaper.
Neiman … Read more
The government's problem-riddled Obamacare Web site may face further problems from hackers taking advantage of its many security holes. At least that's the consensus of a group of security professionals who have analyzed the site.
David Kennedy, who is CEO of computer security consulting firm TrustedSec and who is testifying before Congress today on the security issues related to HealthCare.gov, outlined his concerns in a blog post today. Kennedy previously testified in November. Since then, it's still been "business as usual" on the site, he said in the blog.
Among the security holes identified … Read more
While Target has said hackers used malware installed on point-of-sale terminals to pilfer the payment card information from millions of customers, the retailer has been silent about how the malware siphoned off the sensitive data.
CEO Gregg Steinhafel confirmed this week that malware installed on checkout keypads was used to steal the names, mailing addresses, phone numbers, and e-mail addresses of as many as 110 million customers. Sources have told Reuters that one of the tools used by the thieves was a memory scraper, which harvests encrypted data as it moves through the computer's memory in plain text.
A … Read more
In addition to compromising some of Microsoft's social-networking accounts, the Syrian Electronic Army also accessed a "small number" of employee e-mail accounts, the company confirmed Wednesday.
The hacking group, which has taken responsibility for an array of breaches in the past couple of years, tweeted three e-mails over the weekend that appeared to originate from Microsoft employee Outlook Web Access accounts. The screenshots posted by the group included conversations among employees regarding recent compromises of Microsoft-owned Twitter accounts.
"A social engineering cyberattack method known as phishing resulted in a small number of Microsoft employee social media … Read more
Tens of thousands of people likely received a conciliatory e-mail from Target on Wednesday. In an effort to temper the repercussions of its massive data breach, the big-box retailer offered to give affected customers one year of free credit monitoring from Experian -- valued at $191.
The security breach, which yielded the personal information of as many as 110 million customers, was first identified on December 15. Apparently, cybercriminals accessed customers' private information at point-of-sale terminals during check-out.
Target said the breach occurred between November 27 and December 15 and resulted in the theft of names, mailing addresses, phone numbers, … Read more
While it's been known for a couple of days that the Syrian Electronic Army hacked into the Microsoft News Twitter account, it's been revealed that the hackers also got into the Twitter accounts of Xbox and Xbox Support, along with Xbox's Instagram account, according to GameSpot.
The political hacking group that supports Syrian President Bashar Assad posted screengrabs of its exploits on its own Twitter account. The hack consisted of the Syrian Electronic Army writing messages on Xbox's accounts that read, "Syrian Electronic Army Was Here" and "Game On!" The group also … Read more
Hackers infected Target's point-of-sale terminals with malware to steal the payment card information from millions of customers, the retailer's chief executive has confirmed.
The security breach, which yielded the personal information of as many as 110 million customers, was first identified on December 15, four days before the breach was publicly revealed, CEO Gregg Steinhafel told CNBC during an interview. Target revealed Friday that the security breach it suffered between November 27 and December 15 was larger than originally believed, yielding the names, mailing addresses, phone numbers, and e-mail addresses for near three times its original estimate of … Read more
The scope of credit card data breaches suffered by US retailers during the holiday shopping season may be larger than previously thought.
Following disclosures by Target and Neiman Marcus, Reuters reports that at least three more well-known retailers experienced smaller breaches that have yet to be publicly revealed. The additional attacks used similar techniques as the attack on Target, sources told the news agency, adding that other attacks may have occurred earlier last year.
The Reuters report did not identify which retailers may have been affected by the security breaches.
Target revealed on Friday that a payment card data breach … Read more