Slashdot Mirror

← Back to Stories (view on slashdot.org)

TJX Security Breach Described

Posted by kdawson on from the details-emerging dept.

Bunderfeld notes more details coming out about how bad guys got into the TJX network. Last time we discussed this, the best information indicated that a WEP crack had started the ball rolling. Now we learn that instead, or in addition: "Poorly secured in-store computer kiosks are at least partly to blame for acting as gateways to the company's IT systems, InformationWeek has learned. According to a source familiar with the investigation who requested anonymity, the kiosks, located in many of TJX's retail stores, let people apply for jobs electronically but also allowed direct access to the company's network, as they weren't protected by firewalls. 'The people who started the breach opened up the back of those terminals and used USB drives to load software onto those terminals,' says the source. In a March filing with the Securities and Exchange Commission, TJX acknowledged finding 'suspicious software' on its computer systems."

3 of 104 comments (clear)

  1. owned by Anonymous Coward · · Score: 0, Troll

    THE HAXXXXXXXX

  2. sex wiyth ad shit by Anonymous Coward · · Score: -1, Troll

    BSD's c0debase tto many rules and be a cock-sucking were compounded Driven out by the to have to decide to any BSD project,

  3. They won't be the only finger pointers. by Anonymous Coward · · Score: -1, Troll

    "but businesses are not even trying. American Express was/is running Microsoft Internet Explorer on their customer service reps desktops AND they have internet access. With all the holes found every day in this combination, these customer service reps use the same browser to access AMEX customer databases."

    Of course Firefox would be better.