Texan liquor chain Spec’s leaks 550k card details in 17 month breach

http://www.dallasnews.com/incoming/20110728-smithst.jpg.ece/BINARY/w620x413/SmithSt.jpg

A prolonged network attack comprised some 550,000 credit cards details of of the customers associated with Houston, Texas based wine stores SPEC’s. The attacked continued for almost 17 months before authorities knew about it a few days before. 

Spec’s operated one of the largest chain of wine stores and is the largest wine seller in US with over 165 wine stores, 34 of which were compromised in the attack. Most of which were smaller ones operating around the Houston area.

 Data lost includes most things an identity thief might want, ranging from payment card numbers, expiry dates and security codes to dates of birth and driver’s license numbers in some cases. Attacked is thought to have taken place on 31 October 2012. But if was detected on 18 March 2014 after almost 17’s months period. Spec’s inner sources that they had come to knew about suspicious activity on their servers soon after the attack but were not allowed have a forensic research carry on.

 Prior to public disclosure of the breach, some Spec customers complained that their credit cards were being used. However, they had no idea as to how this could have been happening. 

However Spec’s state that no employees are thought to be involved, and it’s quite possible that the attack was entirely network-based, with the affected stores on a shared network node, or sharing a software or policy weakness which allowed the compromise to take place.

View full post on Who Got Hacked – Latest Hacking News and Security Updates