Free Republic
Browse · Search
News/Activism
Topics · Post Article

Interesting information regarding the Target data breach. I notice that the number of people affected has gone from 30K, to 70K and now 110K.
1 posted on 01/16/2014 8:40:12 AM PST by BlueMondaySkipper
[ Post Reply | Private Reply | View Replies ]


To: BlueMondaySkipper

How would malware get into the POS system?
You can’t use a cash register to go surfing on porn.com


2 posted on 01/16/2014 8:44:58 AM PST by Buckeye McFrog
[ Post Reply | Private Reply | To 1 | View Replies ]

To: BlueMondaySkipper

And for those of us who believe Abstinence works, there is no problems at all with Identity Theft. If you do not make ANY electronic transactions you will be just fine.


3 posted on 01/16/2014 8:46:01 AM PST by eyeamok
[ Post Reply | Private Reply | To 1 | View Replies ]

To: BlueMondaySkipper

Meanwhile CMS will testify in Congress today the Healthcare.gov is safe and secure and no security breaches have occurred.


5 posted on 01/16/2014 8:49:04 AM PST by AU72
[ Post Reply | Private Reply | To 1 | View Replies ]

To: BlueMondaySkipper

Fascinating to read; wish I understood it...


6 posted on 01/16/2014 8:50:59 AM PST by carriage_hill (Peace is that brief glorious moment in history, when everybody stands around reloading.)
[ Post Reply | Private Reply | To 1 | View Replies ]

To: BlueMondaySkipper

Bank are making billions on electronic economy - they scarf 1-3% of every transaction - just for handling the transfer. They have been pushing electronic transfers - debit and credit cards as an alternative to cash.

The government likes it because now they have a record of virtually every cash transaction you make - read the ironically titled “Bank Secrecy Act” if you think the governement doesn’t have full access to your account informtion. What do they care if the system isn’t secure? You should have bought “idenity protection”, bub!


10 posted on 01/16/2014 8:59:15 AM PST by Fido969 (What's sad is most)
[ Post Reply | Private Reply | To 1 | View Replies ]

To: BlueMondaySkipper
I notice that the number of people affected has gone from 30K, to 70K and now 110K.

Not thousands. Millions.

12 posted on 01/16/2014 9:16:07 AM PST by IYAS9YAS (Has anyone seen my tagline? It was here yesterday. I seem to have misplaced it.)
[ Post Reply | Private Reply | To 1 | View Replies ]

To: BlueMondaySkipper

Surprise, surprise. Compromised POS systems were all Windows systems. These companies are big that they could develop and utilize Linux-based POS systems.

That’s going to be the ONLY way to secure their systems. The ONLY way. Fundamentally, Windows as it now stands is essentially impossible to secure.

I’ve worked with Windows in depth for 16 years now, and know its ends and out enough to make the above statement with complete confidence.

With Linux, the main threat is using insecure passwords and insider attacks.


13 posted on 01/16/2014 9:16:08 AM PST by catnipman (Cat Nipman: Vote Republican in 2012 and only be called racist one more time!)
[ Post Reply | Private Reply | To 1 | View Replies ]

To: BlueMondaySkipper
I notice that the number of people affected has gone from 30K, to 70K and now 110K.

Not one hundred-ten thousand, (110,000) but 110 million. (110,000,000)

Fully 1/3 of the US population.

15 posted on 01/16/2014 9:33:43 AM PST by Ol' Dan Tucker (People should not be afraid of the government. Government should be afraid of the people)
[ Post Reply | Private Reply | To 1 | View Replies ]

To: BlueMondaySkipper
I notice that the number of people affected has gone from 30K, to 70K and now 110K.

Times one thousand. That's 110 Million customers.

Why I won't get a debit card--straight pipeline into your funds.

18 posted on 01/16/2014 9:56:38 AM PST by Smokin' Joe (How often God must weep at humans' folly. Stand fast. God knows what He is doing.)
[ Post Reply | Private Reply | To 1 | View Replies ]

To: BlueMondaySkipper
Anyone want to fill out the stuff for Obamacare now??? Keep in mind it is LESS secure than this system was.

Nevermind!

Better to write an autobiography and hope someone buys the book if I want my life history on view. At least I might make enough money for a cup of coffee now and then.

19 posted on 01/16/2014 10:00:48 AM PST by Smokin' Joe (How often God must weep at humans' folly. Stand fast. God knows what He is doing.)
[ Post Reply | Private Reply | To 1 | View Replies ]

To: ShadowAce

Ping to interesting details.


27 posted on 01/16/2014 10:43:44 AM PST by BuckeyeTexan (There are those that break and bend. I'm the other kind. ~Steve Earle)
[ Post Reply | Private Reply | To 1 | View Replies ]

To: BlueMondaySkipper

bookmarking this.

NOTE: If this blogger, KrebsOn Security hadn’t received a tip and researched it, then published it, none of us would have known about it. Target never even admitted it happened until two days after he published the info, and never, ever did anything to recompense customers. Even their offer of free credit monitoring came weeks after the news broke.


30 posted on 01/16/2014 10:51:00 AM PST by JoyjoyfromNJ (everything written by me on FR is my personal opinion & does not represent my employer)
[ Post Reply | Private Reply | To 1 | View Replies ]

To: BlueMondaySkipper

I can see how the POS data could be collected by this malware and sent to some obscure place on Target’s servers for later collection by the bad guys, but how did it get there? I suspicion that someone within Target’s IT department with access may have done this and opened a back door for the bad guys to retrieve the hacked information. It is also possible that someone could do this by hacking into the system from outside, but then why pick Target instead of some more high end stores where customers have more to steal?


32 posted on 01/16/2014 11:49:48 AM PST by The Great RJ
[ Post Reply | Private Reply | To 1 | View Replies ]

To: BlueMondaySkipper
Another interesting article.

Oh the irony

33 posted on 01/16/2014 11:56:53 AM PST by BlueMondaySkipper (Involuntarily subsidizing the parasite class since 1981)
[ Post Reply | Private Reply | To 1 | View Replies ]

To: BlueMondaySkipper; All
Why do I suspicion this all has to do with another octopus arm of the gov’t - they want to know every move, every purchase, everything in your bank acct’ and your movements... etc.

We can still circumvent most by just leaving monthly bill money in checking - take rest in cash and use for purchase -

Why do you think they want to get rid of cash?

34 posted on 01/16/2014 12:55:29 PM PST by maine-iac7 (Christian is as Christian does - by their fruits)
[ Post Reply | Private Reply | To 1 | View Replies ]

To: BlueMondaySkipper; rdb3; Calvinist_Dark_Lord; Salo; JosephW; Only1choice____Freedom; amigatec; ...

40 posted on 01/16/2014 1:52:00 PM PST by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 1 | View Replies ]

To: BlueMondaySkipper

After the congress critter declared the Target problem to be like the Obama care problem,I am certain the hack was done by the treacherous tyrant in the White House to make himself look good.


61 posted on 01/17/2014 5:03:56 AM PST by bert ((K.E. N.P. N.C. +12 ..... History is a process, not an event)
[ Post Reply | Private Reply | To 1 | View Replies ]

To: BlueMondaySkipper
the attackers broke in to Target after compromising a company Web server. Somehow, the attackers were able to upload the malicious POS software to store point-of-sale machines, and then set up a control server within Target’s internal network that served as a central repository for data hoovered by all of the infected point-of-sale devices.

“The bad guys were logging in remotely to that [control server], and apparently had persistent access to it,” a source close to the investigation told KrebsOnSecurity. “They basically had to keep going in and manually collecting the dumps.”

It’s not clear what type of software powers the point-of-sale devices running at registers in Target’s U.S. stores, but multiple sources say U.S. stores have traditionally used a home-grown software called Domain Center of Excellence, which is housed on Windows XP Embedded and Windows Embedded for Point of Service (WEPOS).

If the malware was an attack on Windows XP Embedded/Windows Embedded for PoS" it'll be the first case I've heard of, though likely not the ONLY case out there.

XP Embedded happens to run quite a few ATM machines in the U.S. I was part of a large project for a big Chicago Based Bank (now B of A) back in 2003 which converted legacy mainframe based 3270 ATM's with Windows XP Embedded.

My guess is right about now there's a whole lotta banks double-checking their ATM security .....

71 posted on 01/17/2014 5:21:34 PM PST by usconservative (When The Ballot Box No Longer Counts, The Ammunition Box Does. (What's In Your Ammo Box?))
[ Post Reply | Private Reply | To 1 | View Replies ]

Free Republic
Browse · Search
News/Activism
Topics · Post Article


FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson