Domain: cardsystems.com
Stories and comments across the archive that link to cardsystems.com.
Comments · 7
-
Re:Sushant: Care to name the university?
-
Statement from CardSystems Solutions, Inc.http://cardsystems.com/news.html
Statement from CardSystems Solutions, Inc.
(June 17, 2005)
CardSystems Solutions, Inc., identified a potential security incident on Sunday, May 22nd. On Monday, May 23rd, CardSystems contacted the Federal Bureau of Investigation. Subsequently, the VISA and MasterCard Card Associations were notified to alert them of a possible security incident. CardSystems immediately began a remediation process to ensure all systems were secure. Additionally, CardSystems immediately engaged an independent 3rd party to validate systems security.
Since that time, concurrent to the investigation proceedings, CardSystems is completing the installation of enhanced/additional security procedures recommended by the security assessor involved in the investigation.
We understand and fully appreciate the seriousness of the situation. Our customers and their customers are our lifeblood. We are sparing no effort to get to the bottom of this matter. Our goal is to cooperate fully with the FBI to complete the investigation and ensure that we do nothing that might compromise the investigation.
For Further Information:
Bill Reeves
Senior Vice President, Marketing and Communications
CardSystems Solutions, Inc.
Phone: (770) 395-2959
Fax: (678) 306-4813
Email: media@cardsystems.com
---
Translation: we know we're screwed.
And even better, they make a big deal of their "Unique, proprietary authorization network" hahahaha:
http://cardsystems.com/about.html
State-of-the-Art Technology- Unique, proprietary authorization network
- Direct dial, web-based, or dedicated network connectivity for high-speed, secure processing
- Proven history of stability and reliability
-
Statement from CardSystems Solutions, Inc.http://cardsystems.com/news.html
Statement from CardSystems Solutions, Inc.
(June 17, 2005)
CardSystems Solutions, Inc., identified a potential security incident on Sunday, May 22nd. On Monday, May 23rd, CardSystems contacted the Federal Bureau of Investigation. Subsequently, the VISA and MasterCard Card Associations were notified to alert them of a possible security incident. CardSystems immediately began a remediation process to ensure all systems were secure. Additionally, CardSystems immediately engaged an independent 3rd party to validate systems security.
Since that time, concurrent to the investigation proceedings, CardSystems is completing the installation of enhanced/additional security procedures recommended by the security assessor involved in the investigation.
We understand and fully appreciate the seriousness of the situation. Our customers and their customers are our lifeblood. We are sparing no effort to get to the bottom of this matter. Our goal is to cooperate fully with the FBI to complete the investigation and ensure that we do nothing that might compromise the investigation.
For Further Information:
Bill Reeves
Senior Vice President, Marketing and Communications
CardSystems Solutions, Inc.
Phone: (770) 395-2959
Fax: (678) 306-4813
Email: media@cardsystems.com
---
Translation: we know we're screwed.
And even better, they make a big deal of their "Unique, proprietary authorization network" hahahaha:
http://cardsystems.com/about.html
State-of-the-Art Technology- Unique, proprietary authorization network
- Direct dial, web-based, or dedicated network connectivity for high-speed, secure processing
- Proven history of stability and reliability
-
Re:windows
Ah, now that's not the whole picture.
Looking through Cardsystems job section, the clearly advertise for non-MS expertise; UNIX scripting, Oracle and a bunch of other stuff besides. From the job descriptions of other jobs, it's clear that they run systems on NT and VMS servers, which - sorry to disappoint you here - is pretty standard for credit card processing. It's not security through obscurity at all, it's security through not having the lastest Swiss cheese OS.
It's also important to point out that they make PoS and client kit for transactions, which again, tends to make a lot of use of NT embedded editions. Now, how they fit into the whole 40 million credit card breach is really all speculation isn't it. Was it their website? Was it their software? Hardware? Maybe someone socially engineered their details out of them? Happened to crack the Mastercard validation mechanism using their account? Who knows... -
Re:windows
Ah, now that's not the whole picture.
Looking through Cardsystems job section, the clearly advertise for non-MS expertise; UNIX scripting, Oracle and a bunch of other stuff besides. From the job descriptions of other jobs, it's clear that they run systems on NT and VMS servers, which - sorry to disappoint you here - is pretty standard for credit card processing. It's not security through obscurity at all, it's security through not having the lastest Swiss cheese OS.
It's also important to point out that they make PoS and client kit for transactions, which again, tends to make a lot of use of NT embedded editions. Now, how they fit into the whole 40 million credit card breach is really all speculation isn't it. Was it their website? Was it their software? Hardware? Maybe someone socially engineered their details out of them? Happened to crack the Mastercard validation mechanism using their account? Who knows... -
Microsoft security problem?
Looks like they're a Microsoft
.NET house: http://www.cardsystems.com/careers/DevDotNet_0501. pdf
-
CardSystems is a MS .NET shop
Check out their careers page.