Dec 30 2009

ATM bandits hack security

Category: pci dss,Security BreachDISC @ 11:31 pm

ATM at the secretary of state in Portage, MI
Image via Wikipedia

Overseas gangs have cracked the code of ATM anti-skimming devices in Australia just two months after their roll-out.

ATM Security Breach News Video

Overseas gang has cracked the code of ATM using skimming devices in Australia, where bank customers are defenseless against organized crime unless they check ATM themselves against any sign of tempering.

Awesome Aussies in the game of cricket but their banking system still use magnetic stripe rather than magnetic chip which make it as an easy picking for the overseas gangs

Tags: Australia, Automated teller machine, Bank, Banking Services, Banks and Institutions, Financial services, Magnetic stripe card


Nov 30 2009

Hackers steal credit-card numbers from restaurant customers

Category: pci dss,Security BreachDISC @ 2:44 am


Here we have another unnecessary credit card data breach in a small organization which resulted in a loss of customers data demonstrating poor baseline security of small organization in this case a restaurant. Small organizations are not ready for PCI Compliance. Checkout why PCI Compliance is essential and why small merchants have to comply. Review my threats page and evaluate your current business and system risks to make sure this does not happen to you.

Contact DISC for any question

By Theodore Decker
THE COLUMBUS DISPATCH

Diners who frequent a popular Downtown restaurant should review their charge-card statements because hackers broke into its computer system to loot debit- and credit-card numbers, police said today.

Between 30 and 50 people have reported fraudulent charges on their accounts, and Columbus detectives said that anyone who used a charge card at Tip Top Kitchen and Cocktails in July or August is at risk.

Detective Wyatt Wilson of the Columbus police fraud/forgery unit said police began linking reports of credit-card fraud in October. Cross-checking the victims’ accounts revealed Tip Top, which is on E. Gay Street, as a common denominator, he said.

The hackers have been traced to an overseas Internet address, and no Tip Top employees are involved, police said. Wilson said the business was as much a victim as its customers were.

The hackers found a weak point in the restaurant’s computer defenses, wormed their way in, and installed “malware” that stripped the numbers, he said.

The restaurant has fixed the problem, but customers who charged anything there in July or August should contact their credit-card companies or banks, cancel their cards and get new ones, even if they haven’t been victimized yet, police said.

New fraud reports have rolled in periodically until a few days ago, Wilson said, indicating that the card numbers are still in criminal circulation.

Elizabeth Lessner, the restaurant’s owner, said she has been told by investigators that the breach might have been the work of high-level hackers in Russia, and she wondered whether it was connected to a global case that surfaced this year.


Most of the small companies have trouble justifying their investments when it comes to security. At the same time PCI DSS for the “brick & mortar” merchants have been a blessing for security firms who sell hardware solutions to small merchants. The problem is these hardware point solution does not address the business issues of a small merchant on daily basis.
This is why small merchants need to build a security program and the in-house expertise with training and help of outside consultant to understand business issues related to information security clearly. You mature this process over time with an ongoing effort and full management support.
Do you think it’s time for small merchants to take information security seriously as a business limiting risk?

Prevent and Protect from Credit Card Fraud and Scams

httpv://www.youtube.com/watch?v=YS_jCET-YFA&feature=related

Reblog this post [with Zemanta]

Tags: Banking Services, Business, Credit card, crime, Financial services, fraud, hacker, Information Security, Malware, Payment Card Industry Data Security Standard, Point of sale, Police, Security