Network Security

Hackers Grab 1.5 Million Visa, MasterCard Numbers

Hackers Grab 1.5 Million Visa, MasterCard Numbers
April 2, 2012 10:55AM

Bookmark and Share
"Unfortunately, traditional tools such as firewalls, antivirus and [intrusion detection and prevention systems] are no longer enough to protect against rapidly evolving zero-day and insider attacks," said security executive Mike Potts of the security breach at Global Payments of Visa and MasterCard data. "Companies must instead seek out next-generation solutions" to protect against data breaches like the one at Global Payments.

APC has an established a reputation for solid products that virtually pay for themselves upon installation. Who has time to spend worrying about system downtime? APC makes it easy for you to focus on business growth instead of business downtime with reliable data center systems and IT solutions. Learn more here.

(Page 2 of 2)

"Banks, government agencies, healthcare institutions and other organizations are increasingly using browsers as the primary platform for the delivery of information, making browsers the primary point of theft or data leakage," he said. "Standard Web browsers contain critical security gaps that create significant risks to organizations' confidential data."

Morrow argued any credit card processing conducted in the Web browser leaves data at risk, as it's unencrypted on the endpoint, and many organizations aren't up-to-date with antivirus software, leaving them vulnerable to malware and man-in-the-middle threats. That same data can also remain in the Web browser cache in clear text format and be vulnerable to extraction by malware.

"Even simple, everyday tasks such as cut, copy, paste and screen capture put sensitive data in the systemwide clipboard, which is also rendered in clear text format and easily accessible, even after the Web session has ended," Morrow said, noting that stored user names and passwords from browser sessions remain available in the authentication cache and vulnerable to malware.

"The good news is there are technologies that address these challenges," Morrow said. "Providing and enforcing usage of a secure, hardened browser session for your employees and customers is the best way to protect your data."

< Previous Page  |  1  |  2

 

Tell Us What You Think
Comment:

Name:

Jay:

Posted: 2012-04-05 @ 4:41pm PT
In the wake of Global Payments' data breach, there has been a lot of advice on what people should do to protect themselves, but way too often we are asked to do more than what's needed and that can needlessly lead to different issues. However, while the damage done by the hackers is real, they cannot harm us without first tricking us into revealing the information they don't yet have (name, address, SSN). So as long as we are cautious and don't give our personal information to strangers, we will do just fine. For more: http://blog.unibulmerchantservices.com/how-to-respond-to-the-global-payments-data-breach.

Jay:

Posted: 2012-04-04 @ 4:03pm PT
From what we know, the Global Payments hackers may have managed to gain access to Track 2 data, which includes the account number, the card's expiration date and some other pieces of data, but not the cardholder's name, address, SSN and the card security code. So cardholders should now be on a high alert for phishing attacks, which may be employed by the criminals as a way to obtain the missing data. Of course, that depends on the hackers having obtained their victims' email addresses, which we don't know. For more: http://blog.unibulmerchantservices.com/what-criminals-can-do-with-the-stolen-global-payments-data.



 Network Security
1. Dropbox for Business Boosts Security
2. Wall Street Journal Hacked Again
3. New Technology Defeats Privacy Efforts
4. Banks Hit by Android-Skirting Malware
5. Juniper DDoS for High-IQ Networks

Have an informed opinion on this story?
Send a Letter to the Editor.
We want to know what you think.
Send us your Feedback.

 Related Topics  Latest News & Special Reports

  Can One Size Windows OS Fit All?
  BlackBerry BES 10 Now Hosted
  Social Media Haters Speak Up
  Internet of Things Comes to DIYers
  Dropbox for Business Boosts Security

 Technology Marketplace
Big Data
Unlock your enterprise data's potential. Learn how in the research report.
Are you getting everything you can out of your business data?
 
Business Intelligence
Get real-time, cloud-based information services with Neustar.
 
CIO Issues
Secure and retain skilled technology professionals. Learn how.
 
Cloud Computing
Are you getting everything you can out of your business data?
 
Data Storage
Unlock your enterprise data's potential. Learn how in the research report.
 
Enterprise Hardware
Protect your network with APC Smart-UPS battery backup
Cisco UCS Invicta Series flash memory systems
 
Enterprise I.T.
Register for an upcoming ISACA® certification exam today
Secure and retain skilled technology professionals. Learn how.
 
Enterprise Software
Unlock your enterprise data's potential. Learn how in the research report.
 
Hardware
Protect your network with APC Smart-UPS battery backup
Cisco UCS Invicta Series flash memory systems
 
Network Security
Protect your network with APC Smart-UPS battery backup