Language Selection

English French German Italian Portuguese Spanish

Security fix installed after breach

Filed under
Security

The operations center for a credit card processing firm whose security was breached by a hacker, exposing 40 million accounts to possible fraud, has put new security software in place.

Marc Maiffret, a computer security specialist and co-founder of eEye Digital Security of Aliso Viejo, Calif., said his firm installed the security upgrade for Atlanta-based CardSystems Solutions' operations center here on June 10.

On Friday, MasterCard International Inc. disclosed that 40 million credit card accounts belonging to it and other companies were exposed to possible fraud by a security breach at CardSystems Solutions' operations center here, the latest in a string of recent breaches at financial institutions.

Maiffret told the Arizona Daily Star that the upgrade his firm sold CardSystems Solutions was in place three days later. CardSystems may have initiated other measures as well in response to the breach, he added.

Calls to Maiffret and spokesmen for eEye Digital and CardSystems Solutions were not returned immediately Thursday.

CardSystems Solutions is among a large number of companies processing financial transactions for credit card issuers that largely use custom-made software applications not initially designed with security components as their foremost need, Maiffret said.

In addition, such third-party companies frequently must contend with budget constraints causing them to be stingy on computer security, Maiffret said.

Those settings make for favorable conditions for a skilled hacker to manipulate his way through a computer program seeking vulnerabilities, he added.

"There is really no standard for how all this financial information gets pushed around, and all these companies push it around a little differently," Maiffret told the Star.

"That means you also have all these little quirks and opportunities for a hacker who has the time to find weaknesses."

Associated Press

More in Tux Machines

Native Netflix, Ts'o on Systemd, and Fedora 21 Alpha a Go

In today's Linux news OMG!Ubuntu! is reporting that Netflix is coming to Linux, this time natively. Jack Germain reviews Opera 12.16. Steven J. Vaughan-Nichols talks to Theodore Ts'o about systemd. A preview of new Kmail show radical redesign. And finally today, Fedora 21 Alpha was approved for release! Read more

Ubuntu gets closer to debut in Meizu MX4 phone

The Ubuntu project announced a stable build for Ubuntu Touch phones, a week after Meizu tipped an Ubuntu version of the Meizu MX4 phone due in December. The Ubuntu for Phones team at the Canonical’s Ubuntu Project announced the arrival of the first image from the Ubuntu-rtm (release to manufacturing) distribution for phones. The announcement followed last week’s tease from Meizu, saying a version of the Android-based Meizu MX4 was on schedule for shipping with Ubuntu in December. Read more

Android L Will Keep Your Secrets Safer

Hard on the heels of increased security measures in Apple's newly released iOS 8, Google this week confirmed that encryption will be turned on by default in the next release of Android. Android has offered encryption for more than three years, and keys are not stored off the device, so they can't be shared with law enforcement, Google said. In the next Android release, encryption will be enabled by default. Read more

WHAT THE GNOME RELEASE TEAM IS DOING

At the release team BoF at this years Guadec, I said I would write a blog post about the whats and hows and ifs of release team work. I’m a little late with this, but here it is: a glimpse into the life of a GNOME release team member. We are in the end phase of the development cycle, when the release team work is really kicking into high gear. Read more