Wednesday, February 25, 2009

Of course. It's a profitable business, made very profitable if you don't spend much on security.

http://www.databreaches.net/?p=1761

Heartland Payment System reports 4th Quarter Gains

February 24, 2009 by admin

Of course, the fourth quarter ended before they announced that they had been breached. They had this to say about the breach in their press release today (via Marketwatch):

Clearly our biggest challenge in 2009 will arise from the system breach we suffered. There are two main components to the challenge we face: addressing claims that cardholders, card issuers, the Brands, regulators, and others have asserted, or may assert, against us arising out of the breach and managing the potential impact of the breach on the day-to-day operations of our business. With regard to the first challenge, we intend to vigorously defend any such claims and we believe we have meritorious defenses to those claims that have been asserted to date. [Is it meritorious to say “We did what everyone else did?” Bob] At this time we do not have information that would enable us to reasonably estimate the amount of losses we might incur in connection with such claims.

[From the Press Release:

Heartland Payment Systems Reports Fourth Quarter Earnings of $0.21 Per Diluted Share

Net Revenue Up 31% as Total Transaction Processing Volume Rises 23%



...and what about our unknown processor? How long should we expect to wait? Once detected, it shouldn't take too long to patch the hole that allowed the intruders access (if we have a log of their activity). Perhaps they are waiting for the next Inauguration?

http://www.databreaches.net/?p=1756

And the rumor mills kick into higher gear

February 24, 2009 by admin Filed under: Breach Reports

For the past few weeks, some of us have been in communication about reports about a second big processor breach.

… Visa and MasterCard remain mute about the source of the breach, although once the confirmation was found, Visa confirmed to Computerworld that a processor “experienced a compromise of payment card account information from its systems,” and MasterCard’s statement referred to the processor as being in the U.S.

… The recent revelation that the breach also involved ATM/Debit cards and not just card-not-present fraud changes the pool of possible candidate processors.

… Whatever happens, it is clear that hackers have figured out how to successfully gain access to tremendous databases of usable data.

… Earlier today, Breach released its annual report, Web Hacking Incidents Database 2008, noting how little we know because of failures to disclose more information that would enable people to prevent problems:

… Hopefully, Heartland is sharing specific information with other processors so that they can bring in forensic experts to review their systems to determine if they, too, may have been breached without it ever being detected.

… It is also not clear to me (yet) whether this unnamed processor breach is related to another series of fraud reports I have started investigating or whether those reports represent yet another processor breach that was never reported in the mainstream media or to the public.

[The Web Hacking Incidents Database 2008 is available here: http://www.breach.com/resources/whitepapers/2008WHID.html



Remember this one?

http://news.slashdot.org/article.pl?sid=09/02/24/2240241&from=rss

Terry Childs Case Puts All Admins In Danger

Posted by kdawson on Tuesday February 24, @09:02PM from the if-they-want-to-get-you dept.

snydeq writes

"Paul Venezia analyzes the four counts San Francisco has levied against Terry Childs, a case that curiously omits the charge of computer tampering, the very allegation that has kept Childs in jail for seven months and now appears too weak to present in court. Count 1 — 'disrupting or denying computer services' — is moot, according to Venezia, as the city's FiberWAN did not go down due to Childs' actions. Venezia writes, 'Childs' refusal to give up the passwords for several days in no way caused a disruption of the normal operation of the FiberWAN. In fact, it could be argued that his refusal actually prevented the disruption of normal network operation.' Counts 2 through 4 pertain to modems Childs had under his control, 'providing a means of accessing a computer, computer system, or computer network in violation of section 502,' according to case documents. As Venezia sees it, these counts too are spurious, as such devices are essential to the fulfillment of admin job requirements. 'If Childs is convicted on the modem charges, then just about every network administrator in the world could be charged with the same "crime,"' Venezia writes. All the authorities would have to do is 'point out that you have a modem or two, and suddenly you're wearing pinstripes of the jailhouse variety.'"



Interesting. Would the RIAA use this for “new” music?

http://news.slashdot.org/article.pl?sid=09/02/24/2229205&from=rss

Court Upholds AP "Quasi-Property" Rights On Hot News

Posted by kdawson on Tuesday February 24, @06:14PM from the discarded-lo-these-90-years dept.

I Don't Believe in Imaginary Property writes

"A federal court ruled that the AP can sue competitors for 'quasi-property' rights on hot news, as well as for copyright infringement and several other claims. The so-called 'hot news' doctrine was created by a judge 90 years ago in another case, where the AP sued a competitor for copying wartime reporting and bribing its employees to send them a copy of unreleased news. The courts' solution was to make hot news a form of 'quasi-property' distinct from copyright, in part because facts cannot be copyrighted. But now the AP is making use of the precedent again, going after AHN which competes with the AP, alleging that they're somehow copying the AP's news. The AP has been rather busy with lawsuits lately, so even though the AP has a story about their own lawsuit, we won't link to it."



Don't worry, we can be trusted to self-regulate! We just can't figure out how to fill out a simple form!

http://news.cnet.com/8301-13578_3-10171703-38.html?part=rss&subj=news&tag=2547-1_3-0-5

Telecom industry may see more than $12 million in fines

by Stephanie Condon February 25, 2009 6:51 AM PST

A federal regulatory agency on Tuesday proposed more than $12 million in fines for the telecommunications industry, after hundreds of telecommunications carriers failed to ensure to the agency they are instituting proper protections over customer data.

The carriers either failed to file to the Federal Communications Commission, or filed incorrectly, the required paperwork confirming they have implemented a plan to protect customers' proprietary network information. In the notices the FCC sent to the more than 600 carriers who completely failed to file the paperwork, the agency proposed a fine of $20,000 for each carrier. For the carriers who filed noncompliant information, the FCC proposed a range of fines up to $10,000.



An indication that Google is no longer willing to “Play nice?”

http://news.cnet.com/8301-10805_3-10171522-75.html?part=rss&subj=news&tag=2547-1_3-0-5

Google wants to join EU case against Microsoft

by Steven Musil February 24, 2009 5:20 PM PST



http://www.pogowasright.org/article.php?story=2009022506093124

UK: How technology is revolutionising spying

Wednesday, February 25 2009 @ 06:09 AM EST Contributed by: PrivacyNews

Data mining is key to intelligence community, and privacy of personal information cannot be guaranteed, says Sir David Omand

Source - vnunet.com

Related - The National Security Strategy: Implications for the UK intelligence community (free download)

[From the article:

The report says this personal information – known as protected information or "protint" - is mainly found in public and private sector databases, such as advance passenger information, airline bookings, passport and biometric data, immigration, identity and border records, criminal records, financial, telephone and email records.

"Access to such information, and in some cases the ability to apply data mining and pattern recognition software to databases, might well be the key to effective pre-emption in future terrorist cases," says Omand.

Contrary to popular opinion, this information has always been available to the intelligence community. But whereas traditional methods would involve tapping a particular line of communication or searching for a particular record, new data mining software can proactively sift personal information on databases to look for suspicious patterns.



Graphic of the economic downturn. Depressing. (No pun intended.)

http://www.bespacific.com/mt/archives/020658.html

February 24, 2009

CNN Economy Tracker

Based on Bureau of Labor Statistics data, this graphical Economy Tracker chart indicates by state, rates of unemployment, jobs by industry, and foreclosures. The information range is January 2007 to present.



Geek toy! Looks interesting.

http://hardware.slashdot.org/article.pl?sid=09/02/24/1918217&from=rss

$100 Linux Wall-Wart Now Available

Posted by kdawson on Tuesday February 24, @02:25PM from the not-to-be-confused-with-wal-mart dept.

nerdyH sends us to LinuxDevices for a description of a tiny Linux device called the Marvell SheevaPlug.

"A $100 Linux wall wart could do to servers what netbooks did to notebooks. With the Marvell SheevaPlug, you get a completely open (hardware and software) Linux server resembling a typical wall-wart power adapter, but running Linux on a 1.2GHz CPU, with 512MB of RAM, and 512MB of Flash. I/O includes USB 2.0, gigabit Ethernet, while expansion is provided via an SDIO slot. The power draw is a nightlight-like 5 Watts. Marvell says it plans to give Linux developers everything they need to deliver 'disruptive' services on the device."

The article links four products built on the SheevaPlug, none of them shipping quite yet. The development kit is available from Marvell.



Technology builds empires. (and apparently, British naval security was much better 400 years ago than it is today.)

http://tech.slashdot.org/article.pl?sid=09/02/24/2337202&from=rss

Superguns Helped Defeat the Spanish Armada

Posted by kdawson on Wednesday February 25, @04:38AM from the nobody-expects-the-spanish-armada dept.

Hugh Pickens writes

"With the discovery last year of the first wreck of an Elizabethan fighting ship off Alderney in the Channel Islands, thought to date from around 1592, marine archaeologists are revising their ideas on how the English defeated the Spanish Armada. Replicas of two cannon recovered from the Alderney wreck were recreated in a modern foundry, and tests carried out showed that the Elizabethans were throwing shot at almost the speed of sound. Elizabeth's 'supergun,' although relatively small, could hit a target a mile away. At a ship-to-ship fighting distance of about 100 yards, the ball would have sufficient punch to penetrate the oak planks of a galleon, travel across the deck, and emerge out the other side. Tests on cannon recovered from the Alderney wreck also suggest that the ship carried guns of uniform size, firing standard ammunition. 'Elizabeth's navy created the first ever set of uniform cannon, capable of firing the same size shot in a deadly barrage,' says marine archaeologist Mensun Bound from Oxford University, adding that that navy had worked out that a lot of small guns, all the same, all firing at once, were more effective than a few big guns. '[Elizabeth's] navy made a giant leap forward in the way men fought at sea, years ahead of England's enemies, and which was still being used to devastating effect by Nelson 200 years later.'"



Being a cheap bastard, I love lists of free stuff – even if I don't have the artistic skills to make use of them. Keep this list in your Swiss Army Folder just in case.

http://news.cnet.com/8301-17939_109-10170333-2.html?part=rss&subj=news&tag=2547-1_3-0-5

15 online photo editors compared

by Josh Lowensohn February 25, 2009 4:00 AM PST

Tools that let you edit photos in the Web browser have come a long way in the last few years. We wanted to take a moment to do a feature comparison with a grouping of editors--big and small, to see what each one is capable of.
