House Price Crash Forum
ScaredEitherWay

Largest Ever Case Of Hacking And Identity Theft


Mr Gonzalez broke into three large card processing systems:

- Heartland, a card processing company

- 7/11 convenience stores

- Hannaford, a national supermarket

They circumvented firewalls and uploaded the details of 130,000,000 cards to servers in the US and other countries.

They planned to sell it on to steal money from the card holders.

And there's more still being uncovered.

http://news.bbc.co.uk/1/hi/world/americas/8206305.stm

Edited by ScaredEitherWay

Guest sillybear2

US man 'stole 130m card numbers'

I wouldn't want to be standing behind him at the check outs.

Mr Gonzales used a complicated technique known as an "SQL injection attack" to penetrate networks' firewalls and steal information, the US Department of Justice said

:o

Unforgivable.

SQL injection is very old and one of the most basic security exploits going, unbelievable that the code protecting 130 million credit cards is so poorly written.

Guest KingCharles1st
:o

Unforgivable.

SQL injection is very old and one of the most basic security exploits going, unbelievable that the code protecting 130 million credit cards is so poorly written.

Credit cards should be banned - then this sort of thing could not happen.

Credit cards should be banned - then this sort of thing could not happen.

2 days ago the missus's DEBIT card had 2,500 charged to it on 4 separate transactions. What do you think the chances are of having it refunded? HSBC won't tell us that! And does that mean we can now blame this guy? Makes a better story for us!

SQL injection is very old and one of the most basic security exploits going, unbelievable that the code protecting 130 million credit cards is so poorly written.

Perfectly believable. Banks won't employ competent IT developers: "you're over-qualified, you'd be bored by it." They'll employ someone who is capable of deploying a bog-standard packet-filtering firewall (and a shrinkwrapped antivirus if on windoze), and then they're secure, innit? ;) SQL injection, being an application-layer thing, is unaffected.

They might even go so far as to deploy an application-layer firewall such as mod_security for Apache, but that's only as good as your ruleset, and that can only be reactive. Like that shrinkwrapped antivirus, but without the benefit of a centralised authority that gets to see threats as they happen.

Competent programmers who understand basic rules like sanitising all untrusted input (what the Perl folks call untainting)? Nope, Overqualified ....
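An added illustration of the point in the post above (not part of the original post): a query built by string concatenation beside the same query with a bound parameter, plus allow-list validation in the spirit of untainting. The `cards` table, its rows and all function names are constructed for this example.

```python
import re
import sqlite3

def make_db():
    # Constructed sample data: an in-memory table of fake cardholders.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE cards (holder TEXT, pan_last4 TEXT)")
    db.executemany("INSERT INTO cards VALUES (?, ?)",
                   [("alice", "1111"), ("bob", "2222"), ("carol", "3333")])
    return db

def lookup_concat(db, holder):
    # Vulnerable: untrusted input is pasted into the SQL text, so the
    # database parses it as part of the statement.
    sql = "SELECT holder, pan_last4 FROM cards WHERE holder = '" + holder + "'"
    return db.execute(sql).fetchall()

def lookup_bound(db, holder):
    # Hardened: the value travels as a bound parameter and is only ever
    # compared as data, never parsed as SQL.
    sql = "SELECT holder, pan_last4 FROM cards WHERE holder = ?"
    return db.execute(sql, (holder,)).fetchall()

# Expected shape of a holder name in this constructed schema.
HOLDER_RE = re.compile(r"[a-z]{1,32}")

def untaint_holder(raw):
    # Allow-list validation: accept only what matches the expected shape
    # and reject everything else, rather than hunting for "bad" strings.
    if not isinstance(raw, str) or not HOLDER_RE.fullmatch(raw):
        raise ValueError("rejected holder name")
    return raw

def lookup_safe(db, raw):
    # Validate first, then still bind the value as a parameter.
    return lookup_bound(db, untaint_holder(raw))

if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR '1'='1"                # textbook tautology input
    print(len(lookup_concat(db, crafted)))  # every row comes back
    print(len(lookup_bound(db, crafted)))   # no row matches
    print(lookup_safe(db, "alice"))
```

The crafted value arrives as ordinary application traffic, which is why a packet-filtering firewall in front of the application has nothing to act on.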

Guest skullingtonjoe
Perfectly believable. Banks won't employ competent IT developers: "you're over-qualified, you'd be bored by it." They'll employ someone who is capable of deploying a bog-standard packet-filtering firewall (and a shrinkwrapped antivirus if on windoze), and then they're secure, innit? ;) SQL injection, being an application-layer thing, is unaffected.

They might even go so far as to deploy an application-layer firewall such as mod_security for Apache, but that's only as good as your ruleset, and that can only be reactive. Like that shrinkwrapped antivirus, but without the benefit of a centralised authority that gets to see threats as they happen.

Competent programmers who understand basic rules like sanitising all untrusted input (what the Perl folks call untainting)? Nope, Overqualified ....

I doubt a lot of people out of uni would even know what PERL was - they'd probably think it's some kind of 'bling' you buy for your trophy girlfriend after your latest C# project!

Guest DissipatedYouthIsValuable
I doubt a lot of people out of uni would even know what PERL was - they'd probably think it's some kind of 'bling' you buy for your trophy girlfriend after your latest C# project!

No real coder has a girlfriend.

Very inconsistent interface which won't respond to debugging.

No real coder has a girlfriend.

Very inconsistent interface which won't respond to debugging.

:lol:

(my brother is a firewall programmer, so I am geek by association :blink: )

