“The CEO of retailer Target revealed Saturday in an interview that the company’s point-of-sale (PoS) systems were infected with malware, confirming what security experts suspected since the massive data breach was announced in mid-December,” Lucian Constantin reports for PCWorld. “Answering a question about what caused the breach during an interview for CNBC, Target CEO Gregg Steinhafel said: ‘We don’t know the full extent of what transpired, but what we do know is that there was malware installed on our point-of-sale registers. That much we’ve established.'”
“Target originally said that approximately 40 million credit and debit card accounts may have been impacted by the breach. The company announced Friday that information like names, email addresses, mailing addresses and phone numbers of an additional 70 million people has also been stolen,” Constantin reports. “PoS systems are actually computers with peripherals like card readers and keypads attached to them. Many of these systems run a version of Windows Embedded as the OS as well as special cash register software. Target said that the credit and debit card information was stolen from its systems between Nov. 27 and Dec. 15.
“Visa issued two security alerts last year, in April and August, warning merchants of attacks using memory-parsing PoS malware,” Constantin reports. “‘Since January 2013, Visa has seen an increase in network intrusions involving retail merchants,’ Visa said in its August advisory. ‘Once inside the merchant’s network, the hacker will install memory parser malware on the Windows based cash register system in each lane or on the Back-of-the-House (BOH) servers to extract full magnetic stripe data in random access memory (RAM).'”
Read more in the full article here.
MacDailyNews Take: Windows Embedded? Those terminals were PoS, indeed.
Microsoft Windows. The gift that keeps on giving.
Apple Retail Stores unaffected.
[Thanks to MacDailyNews Reader “Lynn Weiler” for the heads up.]
Target debacle: Retailer now says 70 million people hit in massive data breach – January 10, 2014
NY Apple thefts eyed in Target’s nationwide credit breach – December 20, 2013
Target hit by massive credit-card breach – December 19, 2013
Yahoo on malware from ads: Macintosh unaffected – January 6, 2014
The Microsoft Tax: Malicious worm on Skype lets hackers hold Windows PCs for ransom; Macintosh unaffected – October 10, 2012
The Microsoft Tax: Critical Windows flaw affects millions of high-value PCs with self-replicating attacks – March 13, 2012
The Microsoft Tax: Virus infects Windows PC control systems of US Predator and Reaper drones – October 8, 2011
The Microsoft Tax: ‘Indestructible’ botnet attacks millions of Windows PCs; Macintosh unaffected – July 1, 2011
The Microsoft tax: Stuxnet computer worm infects Microsoft’s porous Windows OS; Mac unaffected – September 27, 2010
The Microsoft Tax: New undetectable Windows trojan empties bank accounts worldwide; Mac unaffected – August 11, 2010
The Microsoft Tax: Windows zero-day flaw exposes users to code execution attack; Mac unaffected – August 09, 2010
The Microsoft Tax: Critical flaw lets hackers take remote control of Windows PCs; Mac unaffected – August 07, 2010
The Microsoft Tax: New attack bypasses every Windows XP security product tested; Mac unaffected – May 11, 2010
The Microsoft Tax: McAfee correctly identifies Windows as malware; Macintosh unaffected – April 21, 2010
The Microsoft Tax: DNS Windows PC Trojan poses as iPhone unlock utility; Mac and iPhone unaffected – April 15, 2010
The Microsoft Tax: 1-in-10 Windows PCs still vulnerable to Conficker worm; Macintosh unaffected – April 08, 2010
The Microsoft Tax: 74,000 Windows PCs in 2,500 companies attacked globally; Mac users unaffected – February 18, 2010
The Microsoft Tax: Widespread attacks exploit Internet Explorer flaw; Macintosh unaffected – January 22, 2010
The Microsoft Tax: Windows 7 zero-day flaw enables attackers to cripple PCs; Macintosh unaffected – November 16, 2009
The Microsoft Tax: Windows 7 flaw allows attackers to remotely crash PCs; Macintosh unaffected – November 12, 2009
The Microsoft Tax: Windows virus delivers child porn to PCs, users go to jail; Mac users unaffected – November 09, 2009
The Microsoft Tax: Worms infest Windows PCs worldwide; Mac users unaffected – November 02, 2009
The Microsoft Tax: Banking Trojan horse steals money from Windows sufferers; Mac users unaffected – September 30, 2009
The Microsoft Tax: Serious Windows security flaw lets hackers to take over PCs; Macintosh unaffected – July 07, 2009
The Microsoft Tax: Windows Conficker worm hits hospital devices; Macintosh unaffected – April 29, 2009
The Microsoft Tax: Conficker virus begins to attack Windows PCs; Macintosh unaffected – April 27, 2009
The Microsoft Tax: Conficker’s estimated economic cost: $9.1 billion – April 24, 2009