Sister CISA CISSP:

Data Breaches


April 3, 2009  7:30 PM

When News Isn’t News



Posted by: Arian Eigen Heald
Admins and Auditors, credit card crime, Data Breaches

A client of ours was notified recently by their financial institution that some of their credit cards had been compromised by a vendor. The rational question followed: "Which vendor?" To which the bank replied, we aren't going to tell you in order to protect the reputation of the...

April 1, 2009  12:45 AM

Making it Easy For Hackers



Posted by: Arian Eigen Heald
Data Breaches, information security, Security Devices

How many rules do you have in your firewall? How many rules allow access directly into your network? How many rules allow ANY/ANY? The more rules you have in your firewall rulebase, the higher your risk of allowing attackers in. I'm not talking about opening access to your webserver in the...


March 26, 2009  8:39 PM

Hijacking Your Website



Posted by: Arian Eigen Heald
Data Breaches, information security

With all the publicity going on about the Heartland breach, not much attention has been paid to what happened to CheckFree last December. The event is also much more challenging to explain to the...


March 17, 2009  2:13 AM

The Emperor Has No Clothes



Posted by: Arian Eigen Heald
Data Breaches, PCI DSS, Start Laughing Now, Tearing My Hair Out

Visa is in a difficult position: it has said that merchants must be compliant, and the ultimate threat is to pull processing permissions from non-compliant merchants. But if one of the merchants turns out to be a payment processor that generates huge profits for Visa, do they cut off their nose...


March 12, 2009  8:50 PM

You May Not Want to Know, But…..



Posted by: Arian Eigen Heald
Data Breaches, PCI DSS

If you are wondering if your banking institution has been affected by the Heartland breach, you can visit bankinfosecurity.com's web page (updated daily) tracking the number of institutions announcing they have been affected by the...


March 9, 2009  11:59 PM

ATM Heists Grow in 2007 and 2008



Posted by: Arian Eigen Heald
Automatic Theft Machines, Data Breaches, PCI DSS

A story on Wired came out recently about a $9 million ripoff of RBS WorldPay. Further reading on Wired led me to articles about, variously, a cracking of an ATM network in 7-Eleven stores that linked to


February 26, 2009  2:33 PM

Another Big Processor Breach, But Nobody is Talking



Posted by: Arian Eigen Heald
Data Breaches, information security, PCI DSS

Word is rampant on blogs and security portals that another processor breach (in addition to Heartland) has occurred. Banks are being contacted by Visa and Mastercard to replace credit cards as well as ATM cards. The latest, from


February 20, 2009  3:06 PM

Must READ: A Great Article on ATM Card Skimming



Posted by: Arian Eigen Heald
Automatic Theft Machines, credit card crime, Data Breaches

If you want to know what to look for in the growing cybercrime market of ATM card skimming, read the article and check out the pictures. Knowing what to look for is half the battle. And kudos to the author,


February 5, 2009  6:12 PM

I Need a Really Big Stick



Posted by: Arian Eigen Heald
Data Breaches, TCM (Truly Clueless Management), Tearing My Hair Out

The Ponemon Institute (I keep wanting to say Pokemon, don't you?) is about to release its fourth annual study on data breach activity. What differentiates this report from the study provided by McAfee? Well, for...


January 27, 2009  5:51 PM

More on the Heartland Breach



Posted by: Arian Eigen Heald
Data Breaches, Security

Some interesting information is coming forward about the break-in at Heartland Payment Systems. The Secret Service has identified an overseas suspect, according to StoreFront...
