If you don’t believe that it can happen to you…. or if you’re avoiding dealing with those pesky PCI standards for not retaining credit card numbers, etc….. you should read this article.
“Three alleged hackers have been arrested for allegedly using “college-level knowledge of computer programming skills” to steal and sell credit card numbers from customers of Dave and Buster’s restaurant chain, the Justice Department said Monday”…..
“One of the men arrested, Maksym Yastremskiy, of Ukraine, was found in possession of millions of stolen credit card numbers, unrelated to the restaurant, on his laptop when the Turkish National Police arrested him in July.”
“Private account data was captured almost immediately at the point of sale. Similar attacks have occurred at other retail outlets, including T.J. Maxx, DSW shoe stores and Polo Ralph Lauren.”
So… how did they do it?
The government said the hackers illegally accessed 11 of the national chain’s servers and installed packet sniffers at each location. The sniffers vacuumed up “Track 2” data from the credit card magstripes as it traveled from the restaurant’s servers to Dave and Buster’s headquarters in Dallas, according to the indictment.
Estimated damage to financial institutions? $600K, and 5,000 people were affected by the breach.
Tags: CreditCard Fraud