Nearly 99,000 payment cards used by customers at several Forever 21 retail stores may have been compromised in a series of data thefts dating back to August 2004.
Jaikumar Vijayan | 17 Sep | Read more
One of the 11 people arrested last month in connection with the massive data theft at TJX Companies, BJ Wholesale Clubs and several other US retailers pleaded guilty yesterday to four felony counts, including wire and credit card fraud and aggravated identity theft.
Jaikumar Vijayan | 13 Sep | Read more
The headline in this week's Glasgow Sunday Herald -- "Revealed: 8 million victims in the world's biggest cyber heist" -- was a grabber.
Jaikumar Vijayan | 29 Aug | Read more
If there is a Holy Grail in the information security industry, it surely is the answer to the question, "How secure is secure enough?"
Jaikumar Vijayan | 29 Jul | Read more
The high-profile sabotage this month of the city of San Francisco's fiber backbone network clearly shows both the extent of damage a disgruntled employee can cause and the need for controls to mitigate the risk of such actions.
Jaikumar Vijayan | 29 Jul | Read more
IT managers and analysts are expressing surprise at the amount of time it appears to be taking officials at the City of San Francisco to regain full control of the city's FiberWAN network after a disgruntled network administrator allegedly locked access to it by resetting administrative passwords to its switches and routers.
Jaikumar Vijayan | 23 Jul | Read more
Malicious ATM intrusions, such as the late-winter breach that resulted in the compromise of Citibank debit card data, are not at all surprising given the vulnerable state of many of the servers and other components involved in processing such transactions, according to some industry representatives.
Jaikumar Vijayan | 08 Jul | Read more
Paris-based bank Societe Generale made headlines when it disclosed that one of its traders made a series of unauthorized transactions over the previous few years that ultimately cost the financial institution a staggering US$7.2 billion in losses.
Jaikumar Vijayan | 29 May | Read more
Last week, I was an observer at a hands-on cyberattack simulation workshop organized by disaster recovery vendor SunGard at its facility just outside of Chicago. Taking part in the exercise were representatives from the local community, including workers or officials from retail, health care and government organizations. Each participant was assigned to one of five teams -- IT, operations, information security, sales and executive management -- within a fictitious $1.2 billion gourmet food manufacturing company. The idea was that a cyberattack would unfold, requiring participants to respond to it in the most effective manner.
Jaikumar Vijayan | 28 Apr | Read more
The PCI Security Standards Council was established in the US by the major credit card companies in September 2006 as an independent organization to manage the Payment Card Industry Data Security Standard. In an interview, general manager Bob Russo talks about the council's efforts to administer the PCI standard amid continuing concerns about credit and debit card security. And he defends the standard, despite the recent data breaches at Hannaford Bros. and Okemo Mountain Resort.
Jaikumar Vijayan | 17 Apr | Read more
It's rare that someone looking to steal personal data from a Web site need only submit their own SQL query to pull the data of their choice from the underlying database.
Jaikumar Vijayan | 17 Apr | Read more
Hannaford Bros. disclosed that the intruders who stole up to 4.2 million credit and debit card numbers from the grocer's systems did so by planting malware programs on servers at each of its US grocery chain stores stores in New England, New York and Florida.
Jaikumar Vijayan | 31 Mar | Read more
Gregory Kopiloff, a US man who pleaded guilty last November to stealing identity information over peer-to-peer file-sharing networks, has been sentenced to 51 months in prison.
Jaikumar Vijayan | 20 Mar | Read more
A fresh discovery by security vendor Finjan provides yet another example of how easy it is becoming for almost anyone to find the tools needed to break into, infect or steal data from corporate Web sites.
Jaikumar Vijayan | 28 Feb | Read more
A teenager identified by U.S. law enforcement officials only as B.D.H pleaded guilty last week to charges that he used botnets to illegally install adware on hundreds of thousands of computers in the U.S., including those belonging to the military.
Jaikumar Vijayan | 19 Feb | Read more