Comments on: The data breach that hit home http://itknowledgeexchange.techtarget.com/security-bytes/the-data-breach-that-hit-home/ A SearchSecurity.com blog Sun, 29 Nov 2009 02:50:25 +0000 http://wordpress.org/?v=2.6.2 By: News about Mortages and depts » Archive » The data breach that hit bhome/b - Security Bytes http://itknowledgeexchange.techtarget.com/security-bytes/the-data-breach-that-hit-home/#comment-596 News about Mortages and depts » Archive » The data breach that hit bhome/b - Security Bytes Thu, 12 Feb 2009 05:27:57 +0000 http://security.blogs.techtarget.com/2008/03/20/the-data-breach-that-hit-home/#comment-596 [...] Bill Brenner placed an interesting blog post on The data breach that hit bhome/b - Security BytesHere’s a brief overviewJay McGillicuddy | Mar 20 2008 11:14AM GMT. Living in Hampstead this story really hit bhome/b as we shop there all the time. I check my bdebit/b account all the time and so far so good. Can’t be too careful can we. b…/b [...] [...] Bill Brenner placed an interesting blog post on The data breach that hit bhome/b - Security BytesHere’s a brief overviewJay McGillicuddy | Mar 20 2008 11:14AM GMT. Living in Hampstead this story really hit bhome/b as we shop there all the time. I check my bdebit/b account all the time and so far so good. Can’t be too careful can we. b…/b [...]

]]> By: F. Lee Powers http://itknowledgeexchange.techtarget.com/security-bytes/the-data-breach-that-hit-home/#comment-517 F. Lee Powers Tue, 25 Mar 2008 18:02:03 +0000 http://security.blogs.techtarget.com/2008/03/20/the-data-breach-that-hit-home/#comment-517 Re: PCI DSS validity What about the PCI Assessor? I'll lay odds it's not the PCI DSS, it's the assessor who either was incompetent or very lazy in determining compliance. If there are holes a mile wide in PCI DSS compliance, even though an assessor provided a compliant Report of Compliance, then it's the assessor that failed and not the standards. If this turns out to be the case, when they name the Assessment Consultancy, that company should not be allowed to do any more PCI DSS work. Re: PCI DSS validity

What about the PCI Assessor? I’ll lay odds it’s not the PCI DSS, it’s the assessor who either was incompetent or very lazy in determining compliance. If there are holes a mile wide in PCI DSS compliance, even though an assessor provided a compliant Report of Compliance, then it’s the assessor that failed and not the standards.

If this turns out to be the case, when they name the Assessment Consultancy, that company should not be allowed to do any more PCI DSS work.

]]> By: shrikant raman http://itknowledgeexchange.techtarget.com/security-bytes/the-data-breach-that-hit-home/#comment-516 shrikant raman Sat, 22 Mar 2008 22:54:29 +0000 http://security.blogs.techtarget.com/2008/03/20/the-data-breach-that-hit-home/#comment-516 Nice summary Bill - Wide range of theories there! I've got mine at securitycoin.blogspot.com and I think Rich Mogull's theory comes the closest! Nice summary Bill - Wide range of theories there! I’ve got mine at <a href="http://securitycoin.blogspot.com" title="http://securitycoin.blogspot. " target="_blank">securitycoin.blogspot.com</a> and I think Rich Mogull’s theory comes the closest!

]]> By: Angry Customer http://itknowledgeexchange.techtarget.com/security-bytes/the-data-breach-that-hit-home/#comment-515 Angry Customer Thu, 20 Mar 2008 19:20:45 +0000 http://security.blogs.techtarget.com/2008/03/20/the-data-breach-that-hit-home/#comment-515 I think you are being too forgiving...calling Hannaford a victim rather than a villain. It took Hannaford nearly 3 weeks to inform the public of the breach. Further, Hannaford irresponsibly let customers continue to use plastic between Feb 27 and March 10 on a network that was NOT secure. To me, this is unforgiveable and an eggregious "breach" of customer trust. I loved the store (compared to the options) but will never shop there again. And, I will be helping the class action lawyers in any way that I can, since I was the true victim. I think you are being too forgiving…calling Hannaford a victim rather than a villain.

It took Hannaford nearly 3 weeks to inform the public of the breach. Further, Hannaford irresponsibly let customers continue to use plastic between Feb 27 and March 10 on a network that was NOT secure. To me, this is unforgiveable and an eggregious “breach” of customer trust. I loved the store (compared to the options) but will never shop there again. And, I will be helping the class action lawyers in any way that I can, since I was the true victim.

]]> By: Jay McGillicuddy http://itknowledgeexchange.techtarget.com/security-bytes/the-data-breach-that-hit-home/#comment-514 Jay McGillicuddy Thu, 20 Mar 2008 15:14:35 +0000 http://security.blogs.techtarget.com/2008/03/20/the-data-breach-that-hit-home/#comment-514 Living in Hampstead this story really hit home as we shop there all the time. I check my debit account all the time and so far so good. Can't be too careful can we. Living in Hampstead this story really hit home as we shop there all the time. I check my debit account all the time and so far so good.
Can’t be too careful can we.

]]> By: » The data breach that hit home Credit Card on Credit Speak: Find Info, News and More on Credit Card http://itknowledgeexchange.techtarget.com/security-bytes/the-data-breach-that-hit-home/#comment-513 » The data breach that hit home Credit Card on Credit Speak: Find Info, News and More on Credit Card Thu, 20 Mar 2008 15:02:38 +0000 http://security.blogs.techtarget.com/2008/03/20/the-data-breach-that-hit-home/#comment-513 [...] The data breach that hit home “The fraud was detected by the banks or credit card companies, then it took a little under two weeks to contain,” he wrote. “Not great, and indicative of either a little sophistication on the attacker’s part, or a lack of sophistication … [...] [...] The data breach that hit home “The fraud was detected by the banks or credit card companies, then it took a little under two weeks to contain,” he wrote. “Not great, and indicative of either a little sophistication on the attacker’s part, or a lack of sophistication … [...]

]]>