Hope no one here is a victim of this.

keatron Security Tinkerer Member Posts: 1,213


  • blackmage439 Member Posts: 163
    Well, for once it isn't a stolen laptop/server/hard drive fiasco. I get so sick and tired of hearing about those incidents! It's amazing how disgusting the lack of security companies regard transportation of physical & sensitive technology and data... I can recall one incident where a FedEx truck was transporting stuff like that, and it got into an accident or something and a bunch of laptops went missing!
    "Facts are meaningless. They can be used to prove anything!"
    - Homer Simpson
  • keatron Security Tinkerer Member Posts: 1,213
    I have a client whose CEO just last month got his laptop mixed up with somebody else's at an airport security checkpoint. He didn't realize it until he was back from his trip (which means he didn't even use it, so he didn't need it in the first place).
  • elover_jm Member Posts: 349
    Seems like an inside work
  • Darthn3ss Member Posts: 1,096
    I think it's high time to start applying with them, clearly they need some help in the IT department.
    Fantastic. The project manager is inspired.

    In Progress: 70-640, 70-685
  • TechJunky Member Posts: 881
    This is not as uncommon as you may think. I deal with hospitality systems a lot and you would be surprised how many customers/companies do not want to pay the extra money to be CISP compliant. This simply means not storing credit card data at their site and making sure all data is encrypted/masked.

    They usually find out the hard way. There is actually a company that still shows your whole credit card data on your receipt with your expiration date, name etc.

    They are a hotel too! So you could imagine how easy it would be to get someone's info.
  • JDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USA Admin Posts: 12,259
    The credit card companies will take the hit by all of the T.J. Maxx and Marshall's customers canceling and reissuing the cards that they used at the stores, and the credit reporting services will clean up by selling their "fraud monitoring and protection" services to the concerned customers. Insurance companies that have issued policies concerning these types of incidents aren't very happy right now either.
  • seuss_ssues Member Posts: 629
    Well, unfortunately I have bought several things from them over the years.

    I just wonder how they didn't notice someone was downloading a file large enough to contain 45.7 million credit cards and the customers' info.
  • TechJunky Member Posts: 881
    Credit card files are text files and are really small in size. A file that contains about 50,000 credit cards is only 1.3mb. So it isn't as big as you think.
  • JDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USA Admin Posts: 12,259
    And the theft occurred over a two-year period, so they were just grabbing a little at a time. A type of salami attack, really.
  • garv221 Member Posts: 1,914
    Well, the lack of IT security on payroll explains how TJMaxx can afford to sell Polo jeans for $8.00