Comments on: Hannaford Data Breach is Likely Much Worse Than Reported

By: Hannaford Breach Followup: Malware on All of Their Servers

Hannaford Breach Followup: Malware on All of Their Servers — Tue, 01 Apr 2008 18:06:49 +0000

[...] your groceries are belong to us.” According to a ComputerWorld article, the Hannaford Breach was not just a single keylogger installed at a critical point in the enterprise. Malware was [...]

By: Followup: Hannaford Used Rapid7 for Security

Followup: Hannaford Used Rapid7 for Security — Wed, 19 Mar 2008 16:01:19 +0000

[...] Brothers Supermarkets didn’t know much about cybersecurity, but then again, most companies don’t. Companies that don’t use a full-time infosec [...]

By: Tony Lawrence

Tony Lawrence — Wed, 19 Mar 2008 11:07:21 +0000

I see Nexpose has already nuked that Google result :-)

By: BelchSpeak

BelchSpeak — Wed, 19 Mar 2008 04:55:18 +0000

This post here by Attrition may warrant its own follow up post tomorrow. Until then enjoy the LULZ.

http://attrition.org/security/rant/z/rapid7.html

By: BelchSpeak

BelchSpeak — Wed, 19 Mar 2008 04:47:56 +0000

Actually, they discovered the breach on the 27th of February, Gins. They reported it 2 and a half weeks later. They realized that it had been going on since the 7th of Dec.

As far as doublespeak goes, this is what it means: 2.5 weeks were spent determining their liability and how to continue their business and plug the holes at the same time. This is not so bad- every business has to be able to do this in case it happens. The real question is: Did they have a working plan in place for such a disaster? Probably not, which caused part of the delay in reporting.

By: Kiltak

Kiltak — Wed, 19 Mar 2008 02:34:33 +0000

There’s nothing amusing in this post my friend :)

By: Poppy

Poppy — Wed, 19 Mar 2008 02:15:13 +0000

I am not amused.

By: Gins

Gins — Tue, 18 Mar 2008 22:53:41 +0000

They knew didn’t contain it for 3 months? What does that mean in doublespeak?
GAH that pisses me off….the only reason I have used my card there is when I went to see my daughter and bought her groceries. Def within that time period.

By: PatB

PatB — Tue, 18 Mar 2008 21:34:50 +0000

Its been a while, but I still see the 7-11’s in my area using old cisco boxes for vpn back to corporate. Same with automotive companies from sam’s used cars to bill’s new chevys.

By: Tony Lawrence

Tony Lawrence — Tue, 18 Mar 2008 21:31:27 +0000

:-)

Ayup. I’ve been in the “router/bathroom” rooms.. more often for reasons having to do with the router..

I also love the “We don’t know where it is” places.. the wires disappear into the wall and it can be such fun finding the source.. and what’s this “Cisco” you mention? I think you are more likely to find a $50 Linksys..

By: PatB

PatB — Tue, 18 Mar 2008 21:26:20 +0000

They also typically place their tiny cisco routers or DSL boxes in the back rooms adjacent to the bathrooms too. No physical security at all.

By: Tony Lawrence

Tony Lawrence — Tue, 18 Mar 2008 21:24:00 +0000

Actually, TJX didn’t surprise me – I did some consulting for them years ago and didn’t think much of their IT department then.. I bet there have been some big shakeups now..

The little jiffy mart is a good example. It’s probably a chain, and it probably operates on tight margins.. which could mean weak and underpaid/understaffed/highly stressed IT with a crappy budget.. nice target..