advertisement
advertisement


Could 5-Year-Old Bank Rules Have Prevented The Heartland Breach?

Written by Evan Schuman
January 29th, 2009
A financial blog is raising a fascinating question, asking if banking security rules from 2004 might have prevented the Heartland data breach, where cyber thieves hid a sniffer program in an unallocated portion of a Heartland transaction server.

The financial blog quoted a well-placed security consultant, who apparently had direct knowledge of one of the Heartland probes, saying: "This was an 'I told you so' moment for me. I know exactly which part of the process got hit. It was the un-encrypted Point-to-Point connection, which occurs between the Host Security Module (HSM) and the Application Security Module (ASM). But that means that they had to have had a hole in their firewall to insert the sniffer into unallocated disk space."

This Story Is Only Available For Premium Subscribers. Click Or Login In Below To Read The Rest Of This Story.


advertisement

Leave a Reply

Readers, specifically those who want to comment on a story:
Our Comment SPAM system is getting very aggressive these days and has been blocking legitimate comments. If you post a comment and don't see it appear within 2 hours or so, can you please send a heads-up to customer-service@storefrontbacktalk? Ideally, please include the time you posted the comment. That will allow us to try and hunt for it. Thanks! P.S. We're working on fixing the system, but we don't want to lose any valuable comments in the meantime.

Weekly, Monthly Newsletters

Quickly catch-up on the latest in E-Commerce and Retail Tech with our free weekly report, with urgent bulletins as news merits—along with our monthlies on Mobile, Security, In-Store, E-Commerce and CRM.
advertisement

Most Recent Comments

StorefrontBacktalk
Our apologies. Due to legal and security copyright issues, we can't facilitate the printing of Premium Content. If you absolutely need a hard copy, please contact customer service.