Targeted Malware Used in Hannaford Credit Card Heist (eWeek)
A targeted malware attack described as "new and sophisticated" is to be blamed for the data breach at Hannaford Bros. Co. that exposed more than four million credit and debit card numbers to identity thieves, the supermarket chain said in a letter to regulators in Massachusetts.
...the malicious Trojan was programmed to hijack what is described as "Track 2" data from the magnetic stripe of credit and debit cards being swiped at Hannaford's checkout counters.
The Hannaford breach is the first publicly acknowledged theft of sensitive card authorization data in transit between a retailer and bank for authorization.
Michael: Legally speaking, we can't expect the PCI (payment card industry data security standard applicable to retailers) to keep pace with the criminals. Therefore the legal system (Federal Trade Commission) is wrong to punish merchants like Hannaford and TJX for credit card break-ins. --Ben
ReplyDelete