Shostack + Friends Blog Archive


I love the emergent chaos of breach analysis

[Updated: see below] hands.jpg

Over at Storefront backtalk, Evan Schuman writes “TJX Kiosk Rumors Re-Emerge:”

Reports that the attack began using a wireless entry point have been confirmed by multiple investigators, but reports that circulated in March that the attacks began via an in-store employment kiosk have re-emerged.

Could both be true? It’s unlikely, as both entry attempts were reportedly successful, raising the question of why the second was attempted. Could TJX have actually been the victim of two simultaneous and unrelated attacks, one using wireless and the other a jobs kiosk that was not firewall-protected?

I don’t know didn’t recognize Evan Schuman’s name–he’s a reporter who’s been around for quite a while. Most of his writing [on that blog] is about the retail space. However, he’s been following the TJX story closely, and here he offers up a new theory of what went wrong, one that I hadn’t seen before.

This is happening because data is being let out of its planters (none of them are big enough to be called walled gardens) and into the light. Strange stuff emerges. New analysis comes from folks who aren’t the usual suspects, and haven’t been given privileged access to the facts.

Image: “Red and Orange Hands” by pliene.