Category: PCI

Top Data Breaches (That I Know About) Of 2012Team Shatter Exclusive


As 2012 is coming to a close, it’s a good time to take a look back at some of the biggest and most interesting data breaches over the past year, to see how these attacks occurred, and how each organization was affected by the hack. The breaches from 2012 run the gamut, ranging from retail to government and from insurance companies to internet moguls. During 2012, we probably saw some of the most sophisticated and complex malware ever with Flame…

Click for complete article >>

Global Payments Pays Another $55 To $65 Million For March 2012 Data Breach

Posted October 2, 2012 by TeamSHATTER Admin in Breach Costs, Data Breach, Database Security, Finance and Banking, PCI with 0 comments

Atlanta-based payment processor Global Payments expects to take a hit of another $55 to $65 million related to a data breach it sustained earlier this year. The incident, revealed in March, involved the exposure of 1.5 million credit and debit card numbers to hackers. Already, the company has announced the breach cost $84.4 million. Click for complete article >>

Click for complete article >>

When You Do Not Know Where Your Data Is…

Posted May 15, 2012 by Tim Whitman in Best Practices, Data Breach, Database Security, PCI, Tips and Tricks with 0 comments

In its fifth year of publication, the Data Breach Investigation Report (DBIR) by Verizon spans 855 data breaches across 174 million stolen records. Mark Goudie, Managing Principal, Asia-Pacific – Investigative Response, Verizon Business, talked to Jasmine Desai about the latest security threats and solutions for the same Click for complete article >>

Click for complete article >>

Global Payments Security Breach Update – 1.5 Million Credit Card Numbers Still Believed Stolen

Posted May 2, 2012 by Tim Whitman in Data Breach, Database Security, PCI with 0 comments
credit cards

The debacle over U.S. Credit Card processing company Global Payments security breach and stolen credit numbers continued yesterday with a press release from the company answering questions. Global Payments made news in late March when Krebs on Security reported as many as 10 million credit cards could have been stolen in a security breach occurring between January 21 and February 25 of this year. Click for complete article >>

Click for complete article >>

Pain Comes Immediately – Secure Development Takes TimeTeam Shatter Exclusive


I recently came upon a blog post by Adrian Lane of Securosis titled ‘Pain comes instantly – fixes come later’, in which he comments on yet another blog post ‘Pain comes instantly’ by Oracle’s CSO, Mary Ann Davidson. Anything ‘Oracle security’ always gets me curious, so I went ahead and worked my way through both articles. Let’s just say one of them is a rather lengthy read. The core point of Mary Ann Davidson’s post is an objection she has…

Click for complete article >>

The Security Bug Disclosure Debate

Posted April 11, 2012 by Tim Whitman in Data Breach, Database Security, Oracle, PCI with 0 comments
Computer bug

Mary Ann Davidson’s recent post Pain Comes Instantly has been generating a lot of press. It’s being miscast by some of the media outlets as trashing PCI Data Security Standard, but it’s really about the rules for vendors who want to certify commercial payment software and related products. The debate is worth considering, so I recommend giving it a read. It’s a long post, but I encourage you to read it all the way through before forming opinions, as she…

Click for complete article >>

Visa Removes A Service Provider After Data Breach

Posted April 3, 2012 by Tim Whitman in Data Breach, Database Security, Finance and Banking, PCI with 1 comment
credit card

Visa removed Global Payments, an Atlanta company that helps the payment giant process transactions for merchants, from its list of “compliant service providers.” A security breach at Global Payments reported on Friday was thought to have compromised up to three million credit card accounts. It is among a group of companies that act as the plumbing in the electronic transaction chain, authorizing millions of transactions a day. That makes the companies prime targets for data thieves looking to steal richly detailed…

Click for complete article >>

How The Finance Vertical Helped Shape Database Security

Posted February 16, 2012 by Tim Whitman in Best Practices, Database Security, Finance and Banking, MySQL, Oracle, PCI, Sybase with 0 comments

Intrusion Detection Systems (IDS), Vulnerability Assessment and Logging platforms have been around for a long time, being some of the very first security tools available. However, it was the inability of these technologies to adequately address specific threats spawned new twists to these technologies. For example, IDS was ineffective at understanding SQL Queries and common application processes, so database activity monitoring was created to fill the gap. Vulnerability assessments were fine at assessing operating system and device settings, but lack…

Click for complete article >>

PCI Council To Establish Network Of Certified Security Testers For Banks

Posted February 13, 2012 by Tim Whitman in Audit, Best Practices, Database Security, Finance and Banking, PCI with 0 comments
PCI Council

Holding up his iPhone, Bob Russo, general manager of the PCI Council, declares, “This is the most insecure device in the world, and my life is on it.” The task of providing the right security layers for payment products, especially in the emerging field of mobile payments, is daunting for many banks. Russo and brand-new PCI Council Chairman Michael Mitchell, who is also vice president, global network operations at American Express Merchant Services, are stepping up the security best practices…

Click for complete article >>

Restaurant Depot Serves Up Credit Card Data To Hackers For 100K Customers

Restaurant Depot Serves Up Customer Credit Card Data

Cybercrooks presumed to be operating from Russia hacked into the Restaurant Depot database last month and accessed the credit and debit card details of more than 100,000 customers. In a Nov. 25 notice, Stanley Fleishman, the chief executive officer of Restaurant Depot and supermarket wholesaler Jetro Cash & Carry, informed affected customers that “unauthorized persons obtained the names of cardholders, credit or debit card numbers, card expiration dates, and verification codes that were on the magnetic stripes of credit and…

Click for complete article >>
Powered by