Credit Card Hacks

Credit card hacks and identity theft are becoming more and more common. Just recently over half a million credit card numbers were recorded and stolen at a local Australian business, using a simple key logger and Microsoft Remote Desktop Protocol. It’s said that the group responsible for the hack is the very same group that hacked hundreds of Subway stores.

The most shocking part about this hack is that there was no extensive coding or clever exploit needed to gain access to the network and workstations connected; the hackers simply checked for default passwords and got lucky. How a business of this size (one that processes millions of credit cards) could have security slips as rudimentary as this is just frankly hard to believe. The network was set up by armatures who knew virtually nothing about cyber security, and according to Detective Superintendent Marden, “It was a disaster waiting to happen.” My biggest concern is how this was allowed to happen. Despite high profile attacks that exploit the default passwords such as Garry McKinnon’s hack against the U.S. Military, organizations and businesses continue to leave default passwords or accounts active. Unfortunately this makes me question the security of all the purchases I have ever made with anything except cash. If this happened to a normal business in Australia what does this mean for all the places we use our credit cards? Can we ever be sure our credit cards are safe and secure?

Advertisements

10 thoughts on “Credit Card Hacks

  1. When I did an internship last summer many of the employees just used the default password that was assigned to them when their accounts were set up. I realize this isn’t nearly as large as an issue and the administrative passwords were much more secure, but it is an example of how people don’t think things through.

  2. Lot’s of people, even on the corporate side of things, are still ignorant about information security. They think it’s something like getting physically mugged or robbed, it’ll never happen to them.

  3. The false sense of security corporations have are really the biggest problems here. The whole “It will never happen to me.” mindset needs to be addressed to avoid similar situations like this.

  4. Usually this problem is connected with the fact that people tend to let their credit card numbers float around when buying things online. Its surprising to me that the problem revolves around the hackers “luck of the draw” when trying to recover the passwords.

  5. I feel as if we are in a tricky area right now. Many companies and large corporations seem to be less tech savvy than the generation that grew up with these big technological advances and the rise of common cyber-crime. As this generation rises into the large seats in companies and corporations, cyber-crime will likely become more of a problem that is focused on, but by the time we’re able to take large job positions, it may already be too late.

  6. One way that i think could help at least cut back the number of people this happens to is by enforcing people to take a course in cyber security at least in high school so they can be more prepared for coming into the real world and better protect themselves.

  7. I did a bit of research on this and found an interesting statistic. Obviously if anyone gets a hold of half a million credit cards there is no way that they would be able to use all of them, so a lot of hackers just sell the cards to other people willing to buy.

    What I found surprising was that the price for stolen credit cards are falling. If someone wants to purchase a credit card online they can do it for only 40 CENTS to 20 DOLLARS! That is hilariously low in my opinion. Maybe that just goes to show how easy it is to obtain someone’s credit card information, and how many are out there. Basic economic principles show that the (black) market is over-flooded with stolen credit cards, cause the drastic price drop.

  8. I personally am not a fan of credit cards. For a couple reasons but security definitely being one of them. To eliminate credit cards from your life isn’t that difficult of a task. For online purchases it would be best to have a separate card that has a very limited amount of money that can be spent. For those that own credit cards, you really have to keep an eye on the card and all transactions that were made on it. Making sure any credit reports/statements do not end up in the wrong hands. It’s also good to have a photocopy of your cards just in case they do get stolen.

  9. In my country, we mostly use cash in our deals and keep credit cards only for online shopping. The case in the US is too different since people rarely use cash in dealing which is good but it has some disadvantages as you mentioned. Also, some stores ask you for your card’s information to make the payment, I mean if you for example ask them to deliver dinner or something else for you, and you don’t know anything abut the person whom you are giving your info to. I have had many problems with my credit cards in the first six months in the US but now I got used to it and I try to keep it as secure as possible.

  10. What scares me most is that all these people needed was a key logger. There was an instance in my school where the entire grading system was compromised with the simple use of a key logger as well. I think that people really need to be more aware of physical risks to their hardware along with the software risks.

Comments are closed.