About Heartland Payment System Cyber Attack


About Heartland Payment System Cyber Attack


Image result for About Heartland Payment System Cyber Attack


On August 13, 2009, the Payment Cards Center hosted a workshop examining the changing nature of data security in consumer electronic payments.
The center invited the chairman and CEO of Heartland Payment Systems, Robert Carr, to lead this discussion & to share his experiences stemming from the data breach at his company in late 2008 and, as important, to discuss lessons learned as a result of this event.
Carr acknowledged that Heartland is working within the confines of the merchant acquiring and processing environment to address data security  through improved information sharing & security of intransigent. The data breach at heartland is very costly for the company.It lost 50 percent of its market capitalization 2009. 
It had more than $32 legal fees, forensic costs, reserves for potential card brand fines, and other related settlement costs.

1)  Vulnerability   :   poorly coded Web application software to introduce malicious code into a company's
                               Systems and network.
                               validation error to send a malformed SQL query to the underlying database to break
                                into it.   
           

2) Threat               :   SQL injections.

3) Risk                  :    Can modifying the database. 

4) Assets              : Visa, MasterCard, American Express and Discover Card transactions.
                                      ( merchant and customer data )

5) possible control:   Changed the code in the secure one

Comments

Popular posts from this blog

How to hack windows 2000 using nessus.....

OpenID Connect Introduction

Crypt-analysis