[ISN] USC investigates credit card security breach

From: InfoSec News <alerts_at_private>
Date: Tue, 3 Jul 2012 02:22:43 -0500 (CDT)
http://dailytrojan.com/2012/06/28/usc-investigates-credit-card-security-breach/

By Daniel Rothberg
Daily Trojan
June 28, 2012

A forensic investigation led by Ernst & Young found instances of credit 
card theft at several USC Hospitality venues over at least a one-month 
period, according to an email from Dan Stimmler, associate senior vice 
president of auxiliary services. Credit card numbers were obtained 
because of a breach in third-party software that the university 
installed three years ago, Stimmler said to the Daily Trojan.

Though credit card numbers were stolen, no personal information was 
compromised, the email said.

The university received its first reported theft June 20 and contracted 
Ernst & Young the following day to gather more details, investigate who 
might be responsible and look into ways to prevent a future security 
breach, Stimmler said. According to the email, the investigation has 
found that the thefts began on May 21 -- or possibly earlier -- and 
ended June 21 after USC Auxiliary Services discovered the breach and 
shut down the system.

The affected hospitality venues include the Ronald Tutor Campus Center, 
Seeds, The Lab and the Starbucks on the Health Sciences Campus.

[...]


--
Learn how to be a Pen Tester, CISSP, ISSMP, or ISSAP with Expanding Security online.
Come to a free class and see how good and fun the program really is.
http://www.expandingsecurity.com/PainPill
Received on Tue Jul 03 2012 - 00:22:43 PDT

This archive was generated by hypermail 2.2.0 : Tue Jul 03 2012 - 00:55:23 PDT