OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
[Dataloss] Global Breach: Did It Start in 2011?

From: security curmudgeon (jerichoattrition.org)
Date: Thu May 03 2012 - 03:06:36 CDT


---------- Forwarded message ----------
From: InfoSec News <alertsinfosecnews.org>

http://www.bankinfosecurity.com/global-breach-did-start-in-2011-a-4732

By Tracy Kitten
Bank Info Security
May 2, 2012

Evidence is mounting that Global Payments Inc. may have been breached
months earlier than initially reported.

One affected card issuer told BankInfoSecurity that Visa issued an updated
alert about the breach on April 26, noting that the window for compromise
could date back to June 7, 2011. Another card issuer says the window of
compromise, as provided by Visa, dates back to June 11. Both issuers asked
to remain anonymous.

Previously, Visa's alerts indicated the breach occurred sometime between
Jan. 21, 2012, and Feb. 25, 2012. But Global says it notified the affected
card brands of the breach in early March, as soon as internal systems
detected a compromise.

"The additional alerts did increase our initial compromised total by about
50 percent," one card issuer says.

[...]
_______________________________________________
Dataloss Mailing List (datalossdatalossdb.org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges.

Tenable Network Security (http://www.tenable.com/)
Tenable Network Security provides a suite of solutions which unify real-time
vulnerability, event and compliance monitoring into a single, role-based, interface
for administrators, auditors and risk managers to evaluate, communicate and
report needed information for effective decision making and systems management.