1-800-719-9198 sales@avpsolutions.com
AVPS Accept Credit Cards Online
  • Home
  • Solutions
  • Products
  • Blog
  • Contact
Select Page

Black Hat Roundup: Goodwill, A Billion Passwords, and other “Hacker” News

by Credit Card Processing | Aug 7, 2014 | AVP Solutions Merchant Info, AVP Solutions News and Events, merchant account services | 0 comments

Black Hat Roundup: Goodwill, A Billion Passwords, and other “Hacker” News

Well, it’s time for the annual “Black Hat” conference in Las Vegas, which is actually a conference run by “white hats” to discuss security breaches in our wired world, and to share knowledge of any breaches or security lapses they’ve discovered before the real “black hats” do.

Part of what the Black Hatters discussed this year was security for the “Internet of Things,” that almost-here future where your thermostat, ‘fridge, oven, garage door opener (and of course TV, and more) are all “smart,” and interconnected.

One presenter found up to 70 percent of such devices currently have security vulnerabilities. One concern is that this could be a way in to the workings of a commercial enterprise, if public buildings with their “things” are equally vulnerable.

Concurrent to the conference, Milwaukee-based Hold Security announced that Russian hackers now have in their possession upwards of 1.2  billion passwords and email addresses, lifted from websites large and small — i.e., from Fortune 500 companies to smaller retailers and businesses across the country.

While this doesn’t mean credit card data has been stolen — at least not yet — according to a Wall Street Journal article “experts say breaches involving usernames and passwords are dangerous for consumers, who frequently use the same credentials for multiple sites.”

One thing the hackers are doing with the data now is using it “for sending spam on social-media accounts,” which they do for a fee — and which they can often hack into since, as noted, many users still have the same log-in credentials for multiple sites.

Don’t be one of them!

Be sure to have different log-ins for the different sites you use, both personally, and for business.

Meanwhile, in the days before the Black Hat gathering gathered, there was news of a breach at an unlikely target — Goodwill Industries.

As a Forbes article on the data breach recapped,  “Brian Krebs, who first broke the Goodwill breach story, has sources who claim that the pattern of fraud on cards previously used at Goodwill can be traced across at least 21 states.”

Details are still a little scant. As the piece continues, “until we get more information about how the breach occurred (and indeed if it occurred at all), it’s impossible to speak definitively about the state of Goodwill’s security system, but the potential attack is a sobering reminder that no business or organization is safe from cyber threats.”goodwill

In this instance, this particular malware/point-of-sale breach was brought to Goodwill’s attention by Federal authorities, and the charity has been working to find the extent of the damage (which, hopefully, isn’t overly-extensive…)

Meanwhile, for a company that definitely had another, unfortunately newsworthy breach, we turn to PF Chang’s, which is looking to be upfront with customers, and contain the damage, both on the publicity, and digital fronts. They have a public “breach information” page on their company website, which may provide an example for other companies caught in similar circumstances.

As with Goodwill, the specific extent of damage done by the Chang’s breach as yet to be determined. According to a recent LA Times item, “data may have been stolen from 33 restaurants in 16 states, including eight in California.

“The restaurant chain said Monday that credit card numbers, expiration dates and, in some cases, cardholder names were stolen over eight months. However, the chain has not yet determined if ‘any specific cardholder’s credit or debit card data was stolen by the intruder,’ according to Chief Executive Rick Federico.”

Part of the potential damage, or problem, is not even the extent of the branches affected, but the length of time; 8 months’ worth of logging credit and customer information.

So the lessons are not only to keep up everything updated, and have unique and discrete log-ins for different procedures along your own “payment chain” (with its associated equipment), but to doublecheck for anomalies, numbers-that-don’t-jibe, and more, on a fairly frequent basis, so problems can not only be discovered, but remedied.

For additional security remedies, equipment upgrades, or even an expansion allowing customers multiple options in how to pay you, be sure to contact your AVPS Rep today!

Here’s to a secure week!

Submit a Comment Cancel reply

You must be logged in to post a comment.

Recent Posts:

  • Doing Business In A World With No Money
  • Big Business Eating Your Lunch? Beat Them on Customer Care
  • Help for the Holiday Chargeback Hangover
  • Getting CBD Payment Processors Approved
  • 6 Best Practices for Non -Profit Organizations in Setting Up Online Donations

Categories

  • ach
  • ach payments
  • AVP merchant solutions info
  • AVP Solutions Merchant Info
  • AVP Solutions News and Events
  • AVP Solutions Videos
  • business merchant services
  • card processing
  • check processing
  • credit card security
  • credit card service
  • credit card swiper
  • e-commerce merchant account
  • economic history
  • EMV Chip
  • Fintech
  • high risk accounts
  • high risk merchant accounts
  • holidays
  • merchant account companies
  • merchant account services
  • merchant account solutions
  • merchant cash funding
  • merchant services
  • merchant solutions
  • merchant websites
  • mobile phone credit card processing
  • mobile processing
  • online check services
  • online checking
  • online payment services
  • pay with checks
  • secure payment processing
  • Testimonials
  • virtual merchandizing

Archives

  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • January 2019
  • November 2018
  • July 2018
  • June 2018
  • May 2018
  • April 2018
  • March 2018
  • February 2018
  • December 2017
  • November 2017
  • October 2017
  • September 2017
  • August 2017
  • July 2017
  • June 2017
  • April 2017
  • March 2017
  • February 2017
  • January 2017
  • December 2016
  • November 2016
  • October 2016
  • September 2016
  • August 2016
  • July 2016
  • June 2016
  • May 2016
  • April 2016
  • March 2016
  • February 2016
  • January 2016
  • December 2015
  • November 2015
  • October 2015
  • September 2015
  • August 2015
  • July 2015
  • June 2015
  • May 2015
  • April 2015
  • March 2015
  • February 2015
  • January 2015
  • December 2014
  • November 2014
  • October 2014
  • September 2014
  • August 2014
  • July 2014
  • June 2014
  • May 2014
  • April 2014
  • March 2014
  • February 2014
  • January 2014
  • December 2013
  • November 2013
  • October 2013
  • September 2013
  • August 2013
  • July 2013
  • June 2013
  • May 2013
  • April 2013
  • March 2013
  • February 2013
  • January 2013
  • December 2012
  • November 2012
  • October 2012
  • September 2012
  • August 2012
  • July 2012
  • June 2012
  • May 2012
  • April 2012
  • November 2011
  • September 2011
  • August 2011
  • July 2011
  • June 2011
  • May 2011
   American Verification Processing Solutions, LLC, Payment Processing Services, Canoga Park, CA
AVPS, LLC is a registered ISO/MSP of Central Bank of St. Louis, Clayton, MO

Address :6737 Variel Canoga Park, CA 91303

Phone : 1-800-719-9198
  • Blog
  • ISO Program
  • 818-657-3640
  • Email Us
  • Privacy Policy
  • Facebook
  • Twitter
  • Linkedin

Copyright © 2017 American Verification Processing Solutions, LLC - High risk merchants will not be boarded under TSYS