Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • Database
    • IT Management
    • Networking

    Details of Heartland, Hannaford Data Breaches Emerge

    By
    Brian Prince
    -
    August 18, 2009
    Share
    Facebook
    Twitter
    Linkedin

      Roughly seven months after news broke of a breach at Heartland Payment Systems, 28-year-old Albert Gonzalez was indicted for cracking the company’s security.

      But to hear authorities tell it, Heartland wasn’t the Miami man’s only victim. Among the others are 7-Eleven and Hannaford Brothers Co.

      With the indictment has come some new information about the data breaches. Gonzalez was indicted along with two unidentified co-conspirators believed to be from Russia. A fourth individual, identified in the federal indictment only as P.T., was not charged in the case but is listed as a co-conspirator.

      According to the U.S. Department of Justice, the group used computers around the globe to stage attacks and store malware and stolen information. In order to prepare, the group tested the strength of their malware by putting it up against approximately 20 different anti-virus programs.

      “The attack took planning and organization, but ultimately it was done with relatively common attack techniques,” said Rohit Dhamankar, director of DVLabs at TippingPoint. “It just goes to show that even the most basic type of attack can do serious damage and enterprises need to be more vigilant about protecting the outward facing portions of their networks.” According to the government, beginning in Oct. 2006, Gonzalez and his partners began researching the credit and debit card systems used by their victims.

      Once inside the corporate networks, the gang conducted reconnaissance to find credit and debit card numbers and other information. The group used sniffer programs to steal the data, and would communicate via instant message while attacks were in progress and advise each other as to how to navigate the corporate networks to find data, authorities said.

      At the time of the Heartland incident, the company processed millions of credit and debit card transactions daily. Beginning on or about Dec. 26, 2007 , the company was hit with a SQL injection attack on its corporate network that resulted in malware being placed on its payment processing system and the theft of more than 130 million credit and debit card numbers and corresponding card data.

      It was the same story with Hannaford, which reported a malicious Trojan was programmed to pilfer data from the magnetic stripe of credit and debit cards being swiped at Hannaford’s checkout counters. This is believed to have happened around November 2007. The attack led to the compromise of 4.2 million in credit and debit card numbers and related data.

      Before that was 7-Eleven. The chain of convenience stores was hit with a SQL injection attack around August 2007. After swiping the data, they sent the information to computer servers they operated in California, Illinois, Latvia, the Netherlands and Ukraine.

      In addition to these attacks, Gonzalez is currently awaiting trial for his alleged involvement in the TJXhack, as well as an attack targeting the computers of the Dave & Buster’s restaurant chain in New York.

      The fact that some, if not all, of the companies were PCI DSScompliant before the attacks sparked questions about efficacy of PCI regulations. Steve Dauber, vice president of marketing at RedSeal, noted that PCI audits are only the beginning.

      “PCI is actually a pretty reasonable set of basic security recommendations,” he said. “The problem is that businesses mistake passing a PCI audit with being PCI compliant. Audits aren’t comprehensive by nature- they will never catch every potential error in implementation. More importantly, audits occur at a point in time, but your IT infrastructure changes constantly. So even if you do pass your audit, you may fall out of compliance the next week. If you want to benefit from PCI, you need to maintain compliance both comprehensively and continuously.”

      Brian Prince

      MOST POPULAR ARTICLES

      Big Data and Analytics

      Alteryx’s Suresh Vittal on the Democratization of...

      James Maguire - May 31, 2022 0
      I spoke with Suresh Vittal, Chief Product Officer at Alteryx, about the industry mega-shift toward making data analytics tools accessible to a company’s complete...
      Read more
      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Applications

      Cisco’s Thimaya Subaiya on Customer Experience in...

      James Maguire - May 10, 2022 0
      I spoke with Thimaya Subaiya, SVP and GM of Global Customer Experience at Cisco, about the factors that create good customer experience – and...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×