In June of 2005 CardSystems Solutions would incur one of the first major credit card number breaches. The announcement detailed that more than 40 million records had been exposed. Though this number would be eclipsed in the coming years, at the time it was considered the worst breach to date. The Tucson, Arizona-based company processed more than $15 billion each year and was notified by MasterCard that there was fraudulent activity that was highly correlated to transactions made through the processor. The fraud was identified in May, but not announced until June. The delay in the announcement would allow the company and card brands to work with law enforcement to identify the location of the attackers, as it seemed that they were still in the system.
Financial gain was most certainly the only focus of attackers in July of 2005 when they first gained access to TJ Maxx systems. By January 17, 2007 the world would learn about a massive security breach that would rock the payment card industry and send a signal to retailers and hackers around the world.
In December 2007, just as investigators were fervently gathering evidence within TJ Maxx’s network, another attack was in its infancy. Heartland Payment Systems, a Fortune 1000 company located in Princeton, New Jersey, was the next target in line for Gonzalez and his team. Heartland was in the business of providing payment card processing services to over 250,000 merchants across the US and Canada (though they have since left Canada). Heartland also operated a payroll processing division which handled check printing and direct deposit for thousands of customers. It was ranked as the 5th largest payment processor in the United States. In total, Heartland had over $80 billion in transactions touch its system each year.
Global Payments, based in Atlanta, Georgia, was America’s 7th largest merchant processor in 2012 and handled more than $120 billion in payment card transactions annually. But in February 2012 it was more than just business as usual for their technology staff. Their IT security teams had identified anomalies that led them to find multiple servers hosting malicious software.
At Target, over 40 million credit card numbers were compromised and over 70 million records of personal contact information were leaked by an attack that was well timed. The attackers focused on the holiday shopping season from Black Friday to mid-December 2013. By selling the extracted credit cards in the middle of the holiday shopping season, the attackers increased the success rate of the carders using the counterfeit cards.
In early February 2014 explosions began to go off along the Las Vegas Strip, but these explosions were unlike the traditional fireworks seen during the New Year celebrations. A digital attack within the computer systems of the Las Vegas Sands Corporation began crippling the casino and entertainment giant. The attack began with the defacement of the Venetian and Palazzo websites. The defacement showed images of the casino properties within the United States burning. The statement read, "Encouraging the use of Weapons of Mass Destruction, UNDER ANY CONDITION, is a Crime." The company would endure a long remediation in the wake of the multi-day attack, which would later be identified as an attack based in Iran.
Approximately 7 million businesses and 76 million households were impacted after intruders were detected accessing sensitive data within the banking titan. The attackers gained access by stealing account credentials from an employee and then gaining access through the employee’s computer. Two-factor authentication managed to protect cardholder data, but because customer information like name, address, phone number and email were unprotected by this security mechanism, attackers were able to use their access to steal more than 83 million records.
On September 2, 2014, only a week after the home improvement superstore had announced a major transition of leadership affecting the company's CEO spot, banking partners of The Home Depot notified officials that they had identified suspicious activity that could be correlated to cards all used at the do-it-yourself (DIY) giant’s stores in the United States and Canada. The problem could not be correlated to any purchases made online, so the point-of-sale systems were the first place investigators turned their attention.
Craig is the Director of Incident Response and Problem Management for MGM Resorts International where he drives priority incident escalation, communication restoration, analysis and review.
In addition to his corporate experience, Mr. Jacobs also developed Defygo.com and RateShepherd.com with his business partner, fellow MSU alum, Derek McCallum.
Mr. Jacobs received his B.S. of Telecommunications Systems Management and Master of Business Administration from Murray State University.
Craig Jacobs ©2015
$10,000 Bill Image is considered Public Domain and used in accordance with Section 411 of Title 31 of the Code of Federal Regulations. Source: Wikimedia Commons
Font for cover courtesy of Johan Holmdahl