Comments on: Hannaford Breach Followup: Malware on All of Their Servers http://www.geeksaresexy.net/2008/04/01/hannaford-breach-followup-malware-on-all-of-their-servers/ tech, science, news and social issues for geeks Tue, 14 Feb 2012 07:53:04 +0000 hourly 1 http://wordpress.org/?v= By: Jamiehttp://www.geeksaresexy.net/2008/04/01/hannaford-breach-followup-malware-on-all-of-their-servers/#comment-68376 Jamie Tue, 13 May 2008 20:02:06 +0000 http://www.geeksaresexy.net/?p=2269#comment-68376 From memory, I believe that the Track 2 data contains the credit card number and expiry date. Track 1 contains the cardholder's name. I would hope that most payment processors require the name to be absolutely correct when working with internet payments. This should stop most of the fraud done that way. However, it wouldn't take a lot of work to overwrite the Track 2 data on an old card and use swipe + signature to make purchases. From memory, I believe that the Track 2 data contains the credit card number and expiry date. Track 1 contains the cardholder's name.

I would hope that most payment processors require the name to be absolutely correct when working with internet payments. This should stop most of the fraud done that way.

However, it wouldn't take a lot of work to overwrite the Track 2 data on an old card and use swipe + signature to make purchases.

]]> By: All Your Groceries Are Belong to Us « I Just Need To Say a Few Thingshttp://www.geeksaresexy.net/2008/04/01/hannaford-breach-followup-malware-on-all-of-their-servers/#comment-55492 All Your Groceries Are Belong to Us « I Just Need To Say a Few Things Thu, 03 Apr 2008 13:39:39 +0000 http://www.geeksaresexy.net/?p=2269#comment-55492 [...] until the end of March 2008.  That’s just neglegent.  Speaking of neglegent, how’s this for making your customers feel secure:     Hannaford Bros. Co. disclosed this week that the intruders who stole up to 4.2 million [...] [...] until the end of March 2008.  That’s just neglegent.  Speaking of neglegent, how’s this for making your customers feel secure:     Hannaford Bros. Co. disclosed this week that the intruders who stole up to 4.2 million [...]

]]> By: Mackenziehttp://www.geeksaresexy.net/2008/04/01/hannaford-breach-followup-malware-on-all-of-their-servers/#comment-55546 Mackenzie Thu, 03 Apr 2008 09:16:04 +0000 http://www.geeksaresexy.net/?p=2269#comment-55546 Any info on patchiness? Usually vulnerabilities are fixed within a few days, especially if they are of the "can get root" type. Had these guys ever installed their security updates? Any info on patchiness? Usually vulnerabilities are fixed within a few days, especially if they are of the "can get root" type. Had these guys ever installed their security updates?

]]> By: Kiltakhttp://www.geeksaresexy.net/2008/04/01/hannaford-breach-followup-malware-on-all-of-their-servers/#comment-55523 Kiltak Thu, 03 Apr 2008 07:44:51 +0000 http://www.geeksaresexy.net/?p=2269#comment-55523 Hey Jesmond, you work at GFI? Awesome company, awesome products :) Glad to have one of you guys read [GAS] :) Hey Jesmond, you work at GFI? Awesome company, awesome products :)

Glad to have one of you guys read [GAS] :)

]]> By: Jesmond Darmaninhttp://www.geeksaresexy.net/2008/04/01/hannaford-breach-followup-malware-on-all-of-their-servers/#comment-55517 Jesmond Darmanin Thu, 03 Apr 2008 07:08:57 +0000 http://www.geeksaresexy.net/?p=2269#comment-55517 i just cant understand how some companies take their system's security so lightly! i just cant understand how some companies take their system's security so lightly!

]]> By: Icelandhttp://www.geeksaresexy.net/2008/04/01/hannaford-breach-followup-malware-on-all-of-their-servers/#comment-55497 Iceland Thu, 03 Apr 2008 05:56:52 +0000 http://www.geeksaresexy.net/?p=2269#comment-55497 They were running Red Hat - see the follwoing link <a href="http://findarticles.com/p/articles/mi_m0EIN/is_2003_Feb_12/ai_97477252" rel="nofollow">http://findarticles.com/p/articles/mi_m0EIN/is_20...</a> They were running Red Hat – see the follwoing link

http://findarticles.com/p/articles/mi_m0EIN/is_20…

]]> By: Mackenziehttp://www.geeksaresexy.net/2008/04/01/hannaford-breach-followup-malware-on-all-of-their-servers/#comment-55189 Mackenzie Tue, 01 Apr 2008 19:37:24 +0000 http://www.geeksaresexy.net/?p=2269#comment-55189 /me dies Any word on what OS those servers were running? If Windows, was there at least some AV on there? Were they patched? I mean, was there any sort of anything even *close* to best-practice going on? Or even mediocre-practice? /me dies

Any word on what OS those servers were running? If Windows, was there at least some AV on there? Were they patched? I mean, was there any sort of anything even *close* to best-practice going on? Or even mediocre-practice?

]]> By: BelchSpeak » Post Topic » All Your Groceries Are Belong to Ushttp://www.geeksaresexy.net/2008/04/01/hannaford-breach-followup-malware-on-all-of-their-servers/#comment-55089 BelchSpeak » Post Topic » All Your Groceries Are Belong to Us Tue, 01 Apr 2008 18:34:36 +0000 http://www.geeksaresexy.net/?p=2269#comment-55089 [...] have a new post up at [GAS] that follows up on the Hannaford Grocery Chain credit card [...] [...] have a new post up at [GAS] that follows up on the Hannaford Grocery Chain credit card [...]

]]>