Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Hackers Purloin Credit-Card Data From Wireless Networks

The most notorious thievery of bankcard PIN started a couple of years back before a Marshalls discount outlet close to St. Paul, Minn.

Presently, detectives think that cyberpunks had aimed a telescope like aerial towards the store and employed a laptop to decipher information transmitted between handheld device, cash registers and the outlet's PCs. This way they infiltrated into the main database of Marshalls' parent company, Framingham Mass. based TJX Cos. to steal client data recurrently.

The simplicity and magnitude of the scam reveal how inadequately several firms were safeguarding their clients' information on wireless networks, which is transmitted by radio emission that can be easily tapped.

Close to 2003, the wireless industry was extending a safer system known as Wi-Fi Protected Access or WPA, with more complicated encryption. Several entrepreneurs strengthened their security, but some, counting TJX were tardy in upgrading security. Afterward an assessor detected that the firm also neglected to set up firewalls and data encryption on several of its machines utilizing the wireless network, and didn't fix the recently purchased security program correctly.

As per detectives the TJX cyberpunks left a few electronic tracks, which prove that their attacks were executed during the maximum sales period to secure tons of information. They initially intercepted data sent by handheld device that shops use to convey price reductions and to handle stock list. The handheld devices are linked with computers in shop's cash registers and with routers that conveys some housekeeping information.

Detectives think that after exploiting information to break the encryption program, cyberpunks digitally intercepted the staff accessing TJX's main Framingham database and purloined some user ID and passcodes. Armed with that data, they installed their personal accounts in the TJX system and gathered banking details into 100 huge records containing bankcard numbers for their personal entrée. They entered the TJX system from a remote terminal, investigators allege.

As the cyberpunks were thieving information, they were trading it on the cyberspace on secure websites utilized by gangs who then collect charges using these bogus cards which are duly etched with numbers from the purloined credit card data, detectives state.

Related article: Hackers Redirect Windows Live Search to Malicious Sites

» SPAMfighter News - 5/14/2007

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page