Stories
Slash Boxes
Comments

SoylentNews is people

Credit Card Breach at Home Depot

posted by n1 on Thursday September 04 2014, @02:26PM   Printer-friendly
from the economic-sanctions dept.

_NSAKEY writes:

Krebs on Security broke a story about Home Depot being breached, with an update stating that the banks believe the breach goes as far back as late April/early May.

Multiple banks say they are seeing evidence that Home Depot stores may be the source of a massive new batch of stolen credit and debit cards that went on sale this morning in the cybercrime underground. Home Depot says that it is working with banks and law enforcement agencies to investigate reports of suspicious activity.

[...]

In what can only be interpreted as intended retribution for U.S. and European sanctions against Russia for its aggressive actions in Ukraine, this crime shop has named its newest batch of cards “American Sanctions.” Stolen cards issued by European banks that were used in compromised US store locations are being sold under a new batch of cards labeled “European Sanctions.”

Home Depot's stock price also took a dive when the news was released.

 
This discussion has been archived. No new comments can be posted.
Credit Card Breach at Home Depot | Log In/Create an Account | Top | 29 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by frojack on Thursday September 04 2014, @07:44PM

    by frojack (1554) Subscriber Badge on Thursday September 04 2014, @07:44PM (#89472) Journal

    I actually think your reasoning is closer than the GP's reasoning, in that Mobile based Virtual payments can be tied to a Pin Lock on the phone, Two Factor Authentication of the phone, and carry a unique, encrypted, one time, key that couldn't be used for anything else, and, because it is solely in the hands of a single company, say Google, or PayPal, it could be nimble as hell.

    This is the beauty of NFC systems, they don't have to get tied down to physical things (cards) and the terminals just have to submit what the phone sent them via NFC without understanding anything about it's content other than which wallet authority to send it to.

    Can people clone your phone right down to the IMEI and the IMSI, wifi MAC and serial number? Probably, but not without disrupting the network and leaving clues.

    What we risk is the tyranny of wallet authority. Many people have problems with PayPal, (although you won't if you tell them ahead of time about any increase in your business, etc).

    --
    No, you are mistaken. I've always had this sig.
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2