Under the Radar: 500K Credit Card Numbers Stolen
An astounding half a million credit card numbers have been stolen from an unidentified Australian company. The hackers responsible for the theft are said to be an Eastern European group, suspected to be the same one that threatened the business continuity of Subway restaurants in 2011. A total of 150 Subway restaurants in the US were victims of similar hacking.
This credit card intrusion is said to have been carried out remotely using encryption software that logs keystrokes at point-of-sale (POS) terminals. The gang is alleged to have transmitted the data using Microsoft's Remote Desktop Protocol (RDP). The connection was not secured. Detective Superintendent Brad Marden described the event as a disaster that could have been averted, since the network had apparently been set up locally by suppliers who had no understanding of IT security. The company stored transaction data in an unsecured manner and also naively used default passwords as part of its cloud archiving system. Australian authorities estimate that fraudulent transactions worth over $25 million are now at risk due to the security breach.
While not much information has been given to the public following the Australian hacking, Subway’s incident sheds more light on what such a theft could mean. The credit card data stolen from over 80,000 Subway clients was used to make millions of dollars' worth of unauthorized purchases. The question is, could these breaches have been prevented had a skilled managed services vendor provided security beforehand?
December 2011 saw four Romanian nationals charged in New Hampshire over the Subway-related hacking: Florin Radu, age 23, Cezar Lulian, 26, Lulian Dolan, 27, and Adrian-Tiberiu Oprea, 27. They were all charged with four counts of wire fraud, conspiracy to commit computer fraud as well as fraud in accessing devices. There were also two co-conspirators, known by the pseudonyms marcos_grande69 and tonymontanamiami. Information from Australian news sources does not specify the brand name of the breached terminals, and the point-of-sale terminal used by Subway is also not mentioned. However, at the beginning of 2009, Subway had announced that Torex Quick Service was the point-of-sale system that would be used in the 30,000 Subway restaurants. That same year, seven restaurants in the United States sued a point-of-sale maker for what they termed a failure to secure its product, which had been hacked by a Romanian national. This case was widely compared to the Subway case.
The IT company that provided the incomplete services could have deterred the crimes had it implemented better security than its unsecured Microsoft RDP connection. The company is said to have left the connection enabled as part of its managed services effort to keep track of stock.
Authorities from Australia’s Federal Police have teamed up with foreign law enforcement to bring the perpetrators of these crimes to justice. They plan to arrest and prosecute the members of the syndicate, but more breaches like this are likely to come in the future. Find out what you can do to keep yourself, your network and your organization safe from hackers. Get a free consultation today.