Heartland/TJX/Hannaford hacker caught
I’ve been busy and haven’t had a lot of time to dig in, but Rich Mogull has some really good articles, “Heartland Hackers Caught; Answers and Questions,” and “Recent Breaches- We May Have All the Answers.” I have two questions:
- Were these custom attacks, or a failure to patch? Reading what’s not in the USSS/FBI announcement in February [link to http://usa.visa.com/download/merchants/20090212-usss_fbi_advisory.pdf no longer works], it seems that patching SQL Server wasn’t the issue; rather, these were all SQL injections against either custom code or possibly a library that all the victims were using. (Pointers appreciated.)
- Will the number of breaches reported by retailers fall by more than 10% in the next six months? (Bets appreciated.)
Number of Breaches, vs. type/impact of breaches:
I’m betting that, given the number of incidents defined as “breaches” out there, it won’t fall by more than 10%. “Heartland Hackers Caught” shouldn’t have any effect on people’s tendency to lose laptops.
Impact of breaches, maybe. But for the impact of breaches where a targeted, malicious hacker is a cause, I’d certainly take that bet.