Details Emerge of 2006 Wal-Mart Hack 66
plover writes "Kim Zetter of Wired documents an extensive hack of Wal-Mart that took place in 2005-2006. She goes into great detail about the investigation and what the investigators found, including that the hackers made copies of their point-of-sale source code, and that they ran l0phtCrack on a Wal-Mart server. 'Wal-Mart uncovered the breach in November 2006, after a fortuitous server crash led administrators to a password-cracking tool that had been surreptitiously installed on one of its servers. Wal-Mart's initial probe traced the intrusion to a compromised VPN account, and from there to a computer in Minsk, Belarus.' Wal-mart has long since fixed the flaws that allowed the compromise, and confirmed that no customer data was lost in the hack — which is why they did not need to report the breach publicly earlier." This intrusion happened around the same time that Albert Gonzalez's gang was breaking into Marshall's and its parent company, TJX. The MO was quite similar: researching and closely targeting the point-of-sale systems in use. But the article notes that "There's no evidence Wired.com has seen linking Gonzalez to the Wal-Mart breach."
Re:must have been a windows server.... (Score:2, Insightful)
Re:must have been a windows server.... (Score:2, Insightful)
That doesn't mean it isn't impossible. Claiming that it is is misinformation.
SCO Unix success story? (Score:2, Insightful)
Is this information about POS backends still valid?
FTA:
"Wal-Mart has thousands of servers nationwide, and any one of them crashing would ordinarily be a routine event."
"Someone had installed L0phtcrack, a password-cracking tool, onto the system, which //crashed the server// when the intruder tried to launch the program." [emph. added]
From http://www.sco.com/company/success/story.html?ID=21 [sco.com] :
"Nearly all of the 350 chains using PDI/RMS are deployed on SCO UNIX® technology [...]"
"McLane Co., Wal-Mart's wholesale subsidiary, acquired PDI in 1991. Fischer says one goal of the acquisition was to achieve tighter integration with some of the 30,000 c-stores that McLane serves. However, PDI continues to operate as a stand-alone entity and many of its customers are served by other wholesalers."
Re:must have been a windows server.... (Score:2, Insightful)
Only a fool would try to convince you that Linux can't be exploited - but, what has been the total cost of Linux exploits in the past 10 years? A mere drop in the bucket, compared to Windows exploited systems.
Again, there isn't any evidence. Why would this be? I use the same basic rules for every os I manage, and guess what? I never have to reinstall. Never.