01-12-2014, 05:17 PM
...and nether the retailers nor banks, nor law enforcement agencies are revealing their names or the scope of each breach.
http://www.reuters.com/article/2014/01/1...edType=RSS&feedName=technologyNews
(Reuters) - Target Corp and Neiman Marcus are not the only U.S. retailers whose networks were breached over the holiday shopping season last year, according to sources familiar with attacks on other merchants that have yet to be publicly disclosed.
Smaller breaches on at least three other well-known U.S. retailers took place and were conducted using similar techniques as the one on Target, according to the people familiar with the attacks. Those breaches have yet to come to light. Also, similar breaches may have occurred earlier last year.
The sources said that they involved retailers with outlets in malls, but declined to elaborate. They also said that while they suspect the perpetrators may be the same as those who launched the Target attack, they cannot be sure because they are still trying to find the culprits behind all of the security breaches.
...Doug Johnson, vice president of risk management policy with the American Bankers Association, said banks and credit card firms like Visa are forbidden from naming merchants that have been breached, unless they disclose it themselves.
"It is really frustrating to the bank and also the customer," Johnson said...
Investigators believe that the early series of attacks on retailers staged before late November were mostly used as trial attacks to help the hackers perfect new techniques they then used against Target, stealing payment cards at unprecedented speed, Litan said.
Chris Gray, director of Denver, Colorado -based Accuvant information security firm's risk and compliance practice, said that sophisticated cyber crime groups do that because they only have once chance to get it right before victims catch on.
"You want to test it and make sure it works," Gray said. "Then you push it out at the appropriate time and do as much damage as you can."
http://www.reuters.com/article/2014/01/1...edType=RSS&feedName=technologyNews
(Reuters) - Target Corp and Neiman Marcus are not the only U.S. retailers whose networks were breached over the holiday shopping season last year, according to sources familiar with attacks on other merchants that have yet to be publicly disclosed.
Smaller breaches on at least three other well-known U.S. retailers took place and were conducted using similar techniques as the one on Target, according to the people familiar with the attacks. Those breaches have yet to come to light. Also, similar breaches may have occurred earlier last year.
The sources said that they involved retailers with outlets in malls, but declined to elaborate. They also said that while they suspect the perpetrators may be the same as those who launched the Target attack, they cannot be sure because they are still trying to find the culprits behind all of the security breaches.
...Doug Johnson, vice president of risk management policy with the American Bankers Association, said banks and credit card firms like Visa are forbidden from naming merchants that have been breached, unless they disclose it themselves.
"It is really frustrating to the bank and also the customer," Johnson said...
Investigators believe that the early series of attacks on retailers staged before late November were mostly used as trial attacks to help the hackers perfect new techniques they then used against Target, stealing payment cards at unprecedented speed, Litan said.
Chris Gray, director of Denver, Colorado -based Accuvant information security firm's risk and compliance practice, said that sophisticated cyber crime groups do that because they only have once chance to get it right before victims catch on.
"You want to test it and make sure it works," Gray said. "Then you push it out at the appropriate time and do as much damage as you can."
![[Image: IMG-2569.jpg]](https://i.postimg.cc/Jn06m2gT/IMG-2569.jpg)
