OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Re: [Dataloss] IN: Hacker gets state credit card info

From: B.K. DeLong (bkdelongpobox.com)
Date: Sat Feb 10 2007 - 06:21:56 CST

Another PCI DSS violation. It will be interesting to see if any action
is taken. I believe most states qualify as Tier 1 merchants....

On 2/10/07, lyger <lygerattrition.org> wrote:
>
> http://www.fortwayne.com/mld/journalgazette/16667910.htm
>
> State technology officials sent letters Friday to 5,600 people and
> businesses informing them that a hacker obtained thousands of credit card
> numbers from the state Web site.
>
> Although numbers are usually encrypted or shortened to the last four
> digits, the Office of Technology conceded a technical error allowed the
> full credit card numbers to remain on the system and be viewed by the
> intruder.
>
> "Like thousands of web sites, the state's web site is constantly under
> attack from hackers," the letter said. "To repel these attacks, the state
> has implemented the highest levels of security and submitted itself to
> regular independent audits to ensure that data is safeguarded".
>
> [...]
> _______________________________________________
> Dataloss Mailing List (datalossattrition.org)
> http://attrition.org/dataloss
> Tracking more than 146 million compromised records in 566 incidents over 7 years.
>
>
>

--
B.K. DeLong (K3GRN)
bkdelongpobox.com
+1.617.797.8471

http://www.wkdelong.org Son.
http://www.ianetsec.com Work.
http://www.bostonredcross.org Volunteer.
http://www.carolingia.eastkingdom.org Service.
http://bkdelong.livejournal.com Play.

PGP Fingerprint:
38D4 D4D4 5819 8667 DFD5 A62D AF61 15FF 297D 67FE

FOAF:
http://foaf.brain-stream.org
_______________________________________________
Dataloss Mailing List (datalossattrition.org)
http://attrition.org/dataloss
Tracking more than 146 million compromised records in 566 incidents over 7 years.