Shostack + Friends Blog Archive


Heartland/TJX/Hannaford hacker caught

I’ve been busy and haven’t had a lot of time to dig in, but Rich Mogull has some really good articles, “Heartland Hackers Caught; Answers and Questions,” and “Recent Breaches- We May Have All the Answers.” I have two questions:

  • Were these custom attacks, or a failure to patch? Reading what’s not in the USSS/FBI announcement in February, it seems patching SQL Server wasn’t the issue, that these were all SQL injections against either custom code or possibly a library that all the victims were using. (Pointers appreciated.)
  • Will the number of breaches reported by retailers fall by more than 10% in the next six months? (Bets appreciated.)

One comment on "Heartland/TJX/Hannaford hacker caught"

  • alex says:

    Number of Breaches, vs. type/impact of breaches:

    I’m betting that given the amount of incidents defined as “breaches” out there won’t fall more than 10%. “Heartland Hackers Caught” shouldn’t have any effect on people’s tendency to lose laptops.

    Impact of breaches, maybe. But impact from breaches where a targeted, malicious hacker is a cause, certainly I’d take that bet.

Comments are closed.