Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive
150x172_CUEffect.jpg
Contacts
LISA MCCUEVICE PRESIDENT OF COMMUNICATIONS
EDITOR-IN-CHIEF
MICHELLE WILLITSManaging Editor
RON JOOSSASSISTANT EDITOR
ALEX MCVEIGHSTAFF NEWSWRITER
TOM SAKASHSTAFF NEWSWRITER

News Now

CU System
Malware was secretly installed on all stores servers
SCARBOROUGH, Maine (3/31/08)--A data breach that compromised the credit and debit cards of more than 4.2 million grocery shoppers was caused by software that was secretly installed on servers of every grocery store in the chain, says Hannaford Bros. The "malware" intercepted card data at nearly 300 grocery stores as customers swiped their card at the checkout counter. It then sent the data overseas, said Hannaford General Counsel Emily D. Dickinson in a letter to Massachusetts Attorney General Martha Coakley and Gov. Devel Patrick's Office of Consumer Affairs and Business Regulation (The Boston Globe and Washington Post March 28). The letter said the malware was installed on the servers of each store the company operates and that uses the company's payment systems. The stores were in Maine, Vermont, New Hampshire, Massachusetts and New York, plus the Sweetbay chain in Florida. The malware intercepted "track 2" data stored on the cards' magnetic stripe. The data include the card's number and expiration date but not the name of the customer. The data were stolen while in transit for authorization from the point of sale, meaning that as it went from cash register to one of the institutions Hannaford uses to process transactions. These include the major card networks and a major card processor, First Data Corp. The malware on the store servers collected records of the purchases in batches, then transmitted them to an offshore Internet service provider. Malware can be installed remotely if the hacker can breach a company's firewall; if servers aren't running the latest security patches; or if they are running out-of-date antivirus programs. Hannaford has replaced the hardware on which the malware was installed, the company said.
Other Resources

RSS





print
News Now LiveWire
Consumer spending is slumping #Market #Economy http://t.co/RI4HS68IuJ
9 hours ago
April is #NationalFinancialLiteracyMonth & @TheNCUA Chair Matz urges #creditunions to help members learn to manage/protect their finances.
10 hours ago
Fed. FI regulators' statmnts on compromised credentials/destructive malware #cybersecurity http://t.co/f4uTBDm1PU http://t.co/zP5Iw6VxZc
12 hours ago
Home prices rising faster than wages: @RealtyTrac #NewsNow #Market http://t.co/wa74mnw3Cu
13 hours ago
.@Nussle dropped by the @ACUMuseum recently. Read about his visit http://t.co/bYe8RRgYLP
14 hours ago