BH Consulting's Security Watch Blog
A friend rang me today to discuss how she and her husband had become the victim of an apparent keylogger attack resulting in large amounts of money taken from their bank account. Thankfully once they reported the suspicious activity to their bank their funds were recovered and the bank are now investigating the case themselves. My [...]
More details available as to how the breach occurred at Heartland resulting in potentialy the biggest breach ever of nearly 100m credit card transactions. Investigators discovered that a piece of malware was hillden in an unallocated portion of disk on one of the Heartland servers. What puzzles me though is; How did a user have [...]
Courtesy of Brian Krebbs from the Washington Post it appears that the largest ever breach of credit card data may have occurred. It appears that a payment processor company in the United States, Heartland Payment Systems, discovered malware on their network that may have captured the credit and debit card details of over 100 million [...]
The raft of data breaches involving lost laptops and mobile devices that occurred last year, both in the government and private sector, led to a rash of organisations running out to encrypt these mobile devices. While an effective tool in helping to secure data on mobile devices, encryption by itself is not a silver bullet [...]
The SiliconRepublic.com ran a story on Friday that highlighted a security defect on the Department of Agriculture’s website. Apparently the reported vulnerability enables anyone to browse details of any farmer who has received money from the EU Common Agriculture Policy payments scheme. The article claims that the Department of Agriculture were not aware of the [...]
It appears that a security breach at Deutche Telekom in 2006 exposed personal details of over 17 million customers of its mobile phone division, T-Mobile. The company claims that no credit card or financial details were exposed but that information such as email addresses as well as mobile numbers and addresses was exposed. The company [...]
Following on from last week’s announcement that the office of the Comptroller Auditor General lost a laptop containing sensitive data at a bus stop, today the CAG announced that it lost a laptop in April 2007that contained information from the Department of Social and Family Affairs on over 380,000 welfare recipients. The laptop was stolen [...]
Thanks to Gary Warner more details of how criminals hacked into the TJX network have come to light. It makes very interesting reading.
Eleven people have been charged in connection with a major hacking ring that allegedly compromised over 40 million credit card records at TJX Corporation, which also runs the TK Maxx stores here in Ireland. Three Americans are amongst those arrested with two other individuals held in Turkey and Germany. The remaining six people are still [...]
Wednesday’s edition of the Irish Times contains a follow up story to the recent data loss in Bank of Ireland. I was asked for my thoughts and opinions on what happened and whether or not encryption would have prevented the loss. Those of you who know me and regularly read my Blog know that I [...]