[ISN] Hackers strike again in attack on eateries

From: InfoSec News <alerts_at_private>
Date: Mon, 25 Jan 2010 00:28:26 -0600 (CST)
http://joongangdaily.joins.com/article/view.asp?aid=2915745

January 25, 2010
joongang.co.kr

Hackers cracked into the credit card processing networks of several 
popular restaurant chains in Korea from December through early this 
year, obtaining personal information from customers to make fake cards 
and ring up millions of won in purchases.

Authorities said the resulting monetary damage could exceed similar 
high-profile hacking incidents over the past two years, though they did 
not provide data on the chains involved or the estimated number of 
consumers affected.

The cyber crime unit of the national policy agency and local financial 
authorities said yesterday that the hackers manufactured fake credit 
cards based on the stolen information, charging roughly 190 million won 
($165,794) in purchases abroad.

A Financial Supervisory Service official said the hacker made a total of 
460 transactions with the fake credit cards.

Authorities alerted the credit card providers about the latest 
development, and the firms are now contacting affected customers and 
reissuing cards with new numbers.

It's the latest incident in a string of hacking attacks on local credit 
card payment networks over the past two years, deepening concern among 
consumers and companies alike.

Similar hacking attacks on several local retail chains - whose names 
were not revealed - in April 2008 forced some 20,000 Koreans to get new 
credit cards.

Hackers used the information gleaned in the attacks to produce fake 
cards, making 310 purchases worth 166 million won.

In August through September of last year, hackers obtained the credit 
card information of about 2,360 people who swept their cards in local 
restaurants and bar chains. In these cases, the hackers made purchases 
worth 78 million won using fake cards.

Industry officials said that the smaller chain businesses are 
particularly susceptible to these types of attacks, as they don't have 
as advanced security systems in place as their larger peers.

"The [credit card payment] processing networks of large business chains 
like big discount stores are relatively well protected in this regard," 
said one official at the Credit Finance Association of Korea. "But small 
and midsized chains are far more vulnerable in terms of securities 
measures."

In the face of intensifying hacking threats, the Financial Supervisory 
Service, the Credit Finance Association and credit card companies last 
month formed a joint task force team to come up with possible solutions 
to prevent such attacks.


________________________________________ 
Did a friend send you this? From now on, be the 
first to find out! Subscribe to InfoSec News 
http://www.infosecnews.org
Received on Sun Jan 24 2010 - 22:28:26 PST

This archive was generated by hypermail 2.2.0 : Sun Jan 24 2010 - 22:39:47 PST