Comments on: Hannaford Breach Followup: Malware on All of Their Servers http://www.geeksaresexy.net/2008/04/01/hannaford-breach-followup-malware-on-all-of-their-servers/ tech, science, news and social issues for geeks Sat, 21 Nov 2009 16:46:41 -0800 http://wordpress.org/?v=abc hourly 1 By: Jamie http://www.geeksaresexy.net/2008/04/01/hannaford-breach-followup-malware-on-all-of-their-servers/#comment-68376 Jamie Wed, 14 May 2008 04:02:06 +0000 http://www.geeksaresexy.net/?p=2269#comment-68376 From memory, I believe that the Track 2 data contains the credit card number and expiry date. Track 1 contains the cardholder's name. I would hope that most payment processors require the name to be absolutely correct when working with internet payments. This should stop most of the fraud done that way. However, it wouldn't take a lot of work to overwrite the Track 2 data on an old card and use swipe + signature to make purchases. From memory, I believe that the Track 2 data contains the credit card number and expiry date. Track 1 contains the cardholder’s name.

I would hope that most payment processors require the name to be absolutely correct when working with internet payments. This should stop most of the fraud done that way.

However, it wouldn’t take a lot of work to overwrite the Track 2 data on an old card and use swipe + signature to make purchases.

]]> By: Mackenzie http://www.geeksaresexy.net/2008/04/01/hannaford-breach-followup-malware-on-all-of-their-servers/#comment-55546 Mackenzie Thu, 03 Apr 2008 17:16:04 +0000 http://www.geeksaresexy.net/?p=2269#comment-55546 Any info on patchiness? Usually vulnerabilities are fixed within a few days, especially if they are of the "can get root" type. Had these guys ever installed their security updates? Any info on patchiness? Usually vulnerabilities are fixed within a few days, especially if they are of the “can get root” type. Had these guys ever installed their security updates?

]]> By: Kiltak http://www.geeksaresexy.net/2008/04/01/hannaford-breach-followup-malware-on-all-of-their-servers/#comment-55523 Kiltak Thu, 03 Apr 2008 15:44:51 +0000 http://www.geeksaresexy.net/?p=2269#comment-55523 Hey Jesmond, you work at GFI? Awesome company, awesome products :) Glad to have one of you guys read [GAS] :) Hey Jesmond, you work at GFI? Awesome company, awesome products :)

Glad to have one of you guys read [GAS] :)

]]> By: Jesmond Darmanin http://www.geeksaresexy.net/2008/04/01/hannaford-breach-followup-malware-on-all-of-their-servers/#comment-55517 Jesmond Darmanin Thu, 03 Apr 2008 15:08:57 +0000 http://www.geeksaresexy.net/?p=2269#comment-55517 i just cant understand how some companies take their system's security so lightly! i just cant understand how some companies take their system’s security so lightly!

]]> By: Iceland http://www.geeksaresexy.net/2008/04/01/hannaford-breach-followup-malware-on-all-of-their-servers/#comment-55497 Iceland Thu, 03 Apr 2008 13:56:52 +0000 http://www.geeksaresexy.net/?p=2269#comment-55497 They were running Red Hat - see the follwoing link http://findarticles.com/p/articles/mi_m0EIN/is_2003_Feb_12/ai_97477252 They were running Red Hat – see the follwoing link

http://findarticles.com/p/articles/mi_m0EIN/is_2003_Feb_12/ai_97477252

]]> By: All Your Groceries Are Belong to Us « I Just Need To Say a Few Things http://www.geeksaresexy.net/2008/04/01/hannaford-breach-followup-malware-on-all-of-their-servers/#comment-55492 All Your Groceries Are Belong to Us « I Just Need To Say a Few Things Thu, 03 Apr 2008 13:39:39 +0000 http://www.geeksaresexy.net/?p=2269#comment-55492 [...] until the end of March 2008.  That’s just neglegent.  Speaking of neglegent, how’s this for making your customers feel secure:     Hannaford Bros. Co. disclosed this week that the intruders who stole up to 4.2 million [...] [...] until the end of March 2008.  That’s just neglegent.  Speaking of neglegent, how’s this for making your customers feel secure:     Hannaford Bros. Co. disclosed this week that the intruders who stole up to 4.2 million [...]

]]> By: Mackenzie http://www.geeksaresexy.net/2008/04/01/hannaford-breach-followup-malware-on-all-of-their-servers/#comment-55189 Mackenzie Wed, 02 Apr 2008 03:37:24 +0000 http://www.geeksaresexy.net/?p=2269#comment-55189 /me dies Any word on what OS those servers were running? If Windows, was there at least some AV on there? Were they patched? I mean, was there any sort of anything even *close* to best-practice going on? Or even mediocre-practice? /me dies

Any word on what OS those servers were running? If Windows, was there at least some AV on there? Were they patched? I mean, was there any sort of anything even *close* to best-practice going on? Or even mediocre-practice?

]]> By: BelchSpeak » Post Topic » All Your Groceries Are Belong to Us http://www.geeksaresexy.net/2008/04/01/hannaford-breach-followup-malware-on-all-of-their-servers/#comment-55089 BelchSpeak » Post Topic » All Your Groceries Are Belong to Us Tue, 01 Apr 2008 18:34:36 +0000 http://www.geeksaresexy.net/?p=2269#comment-55089 [...] have a new post up at [GAS] that follows up on the Hannaford Grocery Chain credit card [...] [...] have a new post up at [GAS] that follows up on the Hannaford Grocery Chain credit card [...]

]]>