Data Breaches News
Poor network security leads to major compliance breach for Subway restaurantsFriday, December 23, 2011
More than 150 Subway restaurants and at least 50 other small businesses have been hit by an extended network hack engineered by Romanian cybercriminals. The hacking event has impacted customers dating back to 2008, leaving thousands of credit cards compromised, Ars Technica reported. Industry expert Dave Marcus told the news source this type of extended hacking episode is proving to be the crime of the future. The hackers were able to access systems because of a major network security gaffe on the part of the small businesses involved in the incident. Each organization was using a form of remote access software that is prohibited by the PCI DSS, and the criminals used these systems as an entry point onto the company's point-of-sale network. These types of incidents can be stopped if businesses have a multi-layered security system including wireless intrusion detection. In the case of Subway, software vulnerabilities allowed unauthorized users into the network. For years, nobody noticed that they were operating there. Intrusion detection is designed to identify suspicious and unauthorized individuals on the network and take action to prevent them from gaining access to corporate or consumer data. |
Related News
|
The U.S. Chamber of Commerce was successfully breached by Chinese hackers, who used the network access to steal the information of approximately 3 million members and six weeks' worth or emails from select employees, the Wall Street Journal reported.
|
|
|
A recent network breach gave hackers access to a utility provider's network, allowing them to destroy a water pump, CNET reported.
|
|
|
Although there are comparatively few older users of wireless networks, the proliferation of the technology means that the specific security challenges they pose will assume a position of growing importance in the future, according to a campaign to increase the profile of this issue.
|
|
