point of sale terminal

The Home Depot Logo

Report: Home Depot A Common Thread Linking Trove Of Stolen Credit Cards

Home Depot said it is investigating “some unusual activity” on its networks and working with “banking partners and law enforcement,” after security blogger Brian Krebs named the company as a common thread connecting a trove of stolen credit card accounts that have appeared in underground forums.  Krebs reported on Tuesday that “multiple banks” see evidence that Home Depot stores are the source of a “massive new batch” of stolen credit and debit cards that went on sale this morning in underground “carding” forums. The breach is believed to have affected Home Depot stores throughout North America – around 2,500 stores in total. The company has held off from confirming a breach, so far. And as of early Wednesday, Home Depot’s home page made no mention of the incident. In a statement to Reuters, spokesperson Paula Drake said that the company is holding off pending an internal investigation, and is working with law enforcement. […]

Arbor Networks PoS Report

Unknown Knowns: Arbor Warns Of Widespread Point of Sale Compromises

The hack of U.S. retailer Target put attacks on point of sale systems on the radar, and prompted major retailers to revisit the security of the systems that accept credit card transactions. Now research from Arbor Networks is warning that hackers and cyber criminals are doubling down on point of sale (PoS) systems with a wide range of specialized PoS malware and targeted attacks. Arbor says it has data suggesting that PoS compromises may be widespread, and undetected. Arbor’s Security Engineering & Response Team (SERT)  issued its findings in a Threat Intelligence Brief (2014-6)  report. The company said that “ambitious threat actors” are using targeted attack campaigns against PoS networks. The “longevity and extent” of PoS attack campaigns – even at wealthy and sophisticated organizations – is “a serious concern.”   [Read Security Ledger’s coverage of the Target data breach here.] “In organizations with security teams and well-managed network infrastructure, point of […]

Target Breach Spells End for Magnetic Stripe Cards in 2015

After years spent fighting pushes for more secure standards, the payment card industry and retailers are moving quickly to abandon magnetic stripe cards and embrace so-called ‘chip and pin’ technology. Credit card firms MasterCard and Visa plan to have most customers on the more secure chip and pin cards by October, 2015, according to a report in the Wall Street Journal. The move comes in the wake of a massive heist of account information for tens of millions of credit card holders from the systems of U.S. retailers including Target, Neiman Marcus and Michaels Stores. In an interview with MasterCard’s Carolyn Balfany, the Journal notes that company has set October, 2015 as the date for a “liability shift” – a change in policy that will hold the party in a fraudulent transaction liable for losses due to that transaction. The goal, said Balfany, is to try to encourage merchants and […]