Friday, November 21, 2014

Recent retail data breaches may be related

I love reading Brian Krebs' articles; he's a very informative investigator. A recent blog article entitled "Link Found in Staples, Michaels Breaches" shares some very interesting news about recent breaches at Michaels (April 2014) and Staples (October 2014).

In both cases, malicious software was installed on cash registers and similar point-of-sale computer systems and then used to exfiltrate customers' credit card data. In the case of Michaels, the breach persisted over many months.

What Krebs has shared is that in both of these incidents, the malware was identified as communicating with the same command-and-control infrastructure - meaning the same party is likely responsible.

The prediction by many security professionals is that we'll see more breaches as we get into the Black Friday/holiday shopping season. There are lots of great tips on how to avoid fraud this time of year; here is some great advice from IBM¹:

"As the end of the year approaches, so do two of the largest holiday seasons in the United States - Thanksgiving and Christmas. The Friday after Thanksgiving has traditionally been one of the largest sales days for retailers. Many retailers offer huge discounts for shoppers on this day. This year, many stores are offering similar discounts far in advance of "Black Friday", as it is commonly known. Criminals are well aware of the extra retailer advertising and seek to exploit shoppers seeking lower pricing. This could be through phishing emails offering "deals too good to be true", misleading advertising, or fake charities. Infected point of sale devices are also becoming more prevalent, ever since Target's breach last season. We advise our readers to use extra caution this holiday season and "think before you click". A malicious URL could lead to malware. A fake website could be a ploy to steal money you intended for a legitimate charity. While the customer does not have the means of detecting an infected POS device, they can monitor their banking and credit / debit card statements for malicious activity."

At this time of year, it is good advice. You may also want to read up on how to protect yourself when using public WiFi.

¹ Disclaimer: I am employed by IBM but the views and opinions shared here are my own.
