Move over “Heartland-gate”, make room for “Walmart-gate” :-)
Wired uncovers a very fun story here. The juiciest quotes follow below:
On intruder goals:
“hackers targeted the development team in charge of the chain’s point-of-sale system and siphoned source code and other sensitive data”
On practices:
“at least four years’ worth of customer purchasing data, including names, card numbers and expiration dates, were housed on company networks in unencrypted form.”
On intrusion discovery (Was is … an IDS maybe? Ha, not funny!):
“a fortuitous server crash led administrators to a password-cracking tool that had been surreptitiously installed on one of its servers”
On logging:
“The company’s server logs recorded only unsuccessful log-in attempts, not successful ones, frustrating a detailed analysis.”
Please read the above line again! Again! AGAIN!
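Why that logging gap hurts, as an added example (not from the Wired story or from any Wal-Mart system): a minimal detection over constructed log-in events that flags a successful log-in following a run of failures, then reruns on a failures-only log. The event format, addresses, account names and threshold are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample events: (timestamp, source, account, outcome).
EVENTS = [
    ("2000-01-01T02:10:01", "10.0.5.23", "svc_pos", "FAIL"),
    ("2000-01-01T02:10:03", "10.0.5.23", "svc_pos", "FAIL"),
    ("2000-01-01T02:10:05", "10.0.5.23", "svc_pos", "FAIL"),
    ("2000-01-01T02:10:07", "10.0.5.23", "svc_pos", "FAIL"),
    ("2000-01-01T02:10:09", "10.0.5.23", "svc_pos", "SUCCESS"),
    ("2000-01-01T08:59:40", "10.0.1.7", "alice", "FAIL"),
    ("2000-01-01T08:59:55", "10.0.1.7", "alice", "SUCCESS"),
    ("2000-01-01T09:02:11", "10.0.1.9", "bob", "SUCCESS"),
]


def success_after_failures(events, threshold=3):
    """Return (account, source, time) for every successful log-in that was
    preceded by at least `threshold` consecutive failures for the same
    account from the same source."""
    streak = defaultdict(int)
    hits = []
    for ts, src, acct, outcome in sorted(events):  # ISO timestamps sort chronologically
        key = (acct, src)
        if outcome == "FAIL":
            streak[key] += 1
        elif outcome == "SUCCESS":
            if streak[key] >= threshold:
                hits.append((acct, src, ts))
            streak[key] = 0  # any success resets the failure run
    return hits


def failures_only(events):
    """Model an audit policy that records only unsuccessful log-ins."""
    return [e for e in events if e[3] == "FAIL"]


if __name__ == "__main__":
    print("full log     :", success_after_failures(EVENTS))
    print("failures only:", success_after_failures(failures_only(EVENTS)))
```

With the full log the guessed account shows up with the time of the successful log-in; with failures only, the same data yields nothing to pivot on.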
On some spoils of war:
“one of the documents that flew off to Minsk from a programmer’s machine was titled “POS Store Systems Technical Specifications TLOG Encryption and Financial Flows.” […] The hackers also stole or accessed files containing point-of-sale source code and executables, as well as additional proprietary documentation detailing the company’s transaction processing network.”
On PCI role:
“Wal-Mart says it received a number of [PCI DSS compliance validation] deadline extensions […] … became certified as PCI-compliant in August 2006 by VeriSign. After it discovered the breach in November 2006 …”
Read the whole thing, will ya?!