By Michael Ryan
Most of you in the retail industry are probably still frightened by the idea that your company’s name may be the next to be splashed across the headlines. Being the next TJX or Hannaford is motivation enough to double-check the security of your networks and vow never to be complacent in your security efforts.
In the past, security breaches have been straightforward: hackers identified vulnerabilities and then exploited them to gain access to the network and databases, obtaining customers’ confidential information such as credit card numbers, Social Security numbers and other personal data. Today, the attacks on the retail sector are increasingly sophisticated. Just take a look at last month’s announcement concerning a breach at Aldi, a discount grocer which operates 1,100 stores in 31 states.
As reported by Computerworld, hackers tampered with payment terminals at stores in 11 states in the summer months, gaining access to credit and debit card data, such as names, account data and personal identification numbers (PINs). According to reports, the theft of the PIN data suggests that hackers accessed PINs as they were entered.
This was an incredibly sophisticated and coordinated attack designed to steal data in flight, as opposed to the traditional target of data at rest. Moreover, it showed a brashness seldom seen. The crooks didn’t hide behind their computers many miles away. At some point they physically tampered with the terminals inside the stores in order to execute the attack.
The bottom line is that between damage to brand and monetary fines, the stakes of fraudulent activity are getting higher and higher for retailers. At the same time, criminals are becoming more creative and brazen in their efforts to steal data, requiring retailers to continue to advance their payment security infrastructure. Unfortunately, no single security solution is going to protect your systems against credit card data breaches. Implementing an in-depth approach that addresses anti-virus, monitoring, tokenization and point-to-point encryption is critical if you want to keep up with the sophistication of today’s criminal organizations.






