IHG Confirms Properties Compromised by Credit Card Breach

Standard

InterContinental Hotel Group (IHG), parent company of Crowne Plaza and Holiday Inn, confirms it’s properties impacted by the credit card breach last year. According to IHG, between August 2016 and December 2016 malware was found on its servers used to process credit cards.

According to IHG’s report, “Findings show that malware was installed on servers that processed payment cards used at restaurants and bars of 12 IHG managed properties. Cards used at the front desk of these properties were not affected.”

The report goes on to say the malware searched for track data, including: cardholder name, card number, expiration date, and internal verification code, which was taken from the magnetic stripe of the card as it was being transmitted through the affected server.   

If you were a patron at any of the affected areas during August 2016 to December 2016, please watch your credit card statements carefully and report any fraudulent charges to your credit card company immediately.

Malware has been the source of most of the credit card breaches in recent years. It is usually installed by hacked remote administration tools, according to KerbsOnSecurity. Once the malware is installed onto the devices the attacker can remotely gather data from each card swiped on that device. The stolen data can then be embedded on any card with a magnetic stripe and used for purchases.

The investigation is ongoing and no one knows the actual scope of this breach. However, IHG has been working with security firms to review their current security policies, confirm that the affected servers have been remediated and evaluate how to enhance their security. “We have also notified law enforcement and are working with the payment card networks so that the banks that issue payment cards can be made aware and initiate heightened monitoring on the affected cards,” Says IHG.

For a list of IHG’s impacted properties click here.

Advertisements

How Can You be Protected from Credit Card Fraud this Holiday Season?

Standard

Many people, especially baby boomers cringe when they hear the words Apple Pay. Apple Pay completely pushes that generation out of their comfort zone.  Even some millennials get weary when thinking about saving your credit card information on a phone, and swiping the phone instead of the card.

Is this actually a safe way to pay in store? Doesn’t that make it extremely easy for criminals to take our information? According to CEO of Network Security Firm, Night Lion Security’s Vinny Troia – it is actually way safer. How can this possibly be? Troia Goes on to explain that Apple Pay (even though cringe-worthy) is a very safe way to pay at the check out.

How can this be?

The credit card number is completely randomized and when the transaction is made, that number is never transmitted. There is literally nothing to steal. Mind blown.

Troia has more to say on this subject, however. There are ways in which consumers do need to be careful. Watch his latest appearance on CNBC to find out how you can be safe during this holiday season:

U.S. Steel Blames China of Hacking

Standard

U.S. Steel Corp. in Pittsburgh is accusing the Chinese government hackers of stealing private methods for creating a lightweight steel. The complaint filed with the International Trade Commission said a Pittsburgh researcher’s computer was hacked in 2011. The ITC is deciding whether they need to investigate the matter further.

China’s Commerce Ministry advised U.S. to discard the complaint since they are “completely without factual basis.”

The plans that were apparently stolen included the chemistry for the alloy and its coating, the temperature for heating and cooling the metal, and the layout of the production lines. The hackers stole designs that were made for U.S. Steel’s most valuable products, a metal called Dual-Phase 980. After the hacking occurred, according to the World Steel Association, a Chinese steel company called Baosteel Group Corp. had a new line of products, including the Dual-Phase 980. Baosteel explains these accusations as “complete nonsense.”

Visit Security Services Provider to learn how you can prevent hacking.

Watch Out for credit card skimmers at gas stations

Standard

Recently credit card skimming devices have been found in gas stations in the St. Louis area. Although these ones are occurring in St. Louis, this happens everywhere. Officers are finding them all the time in gas pumps, so it is very important to stay on track of your credit/debit card bills. These skimming devices are used more at gas stations than ATMs because the pumps are easily accessible and even sold online.

Skimming devices are very hard to avoid and even the new chip credit cards can be hacked, stated Vinny Troia, Cyber Security Expert and CEO of Night Lion Security. Troia’s only advice to prevent being hacked this way is to check your statement’s regularly.

Watch the video from FOX 2 News here.

Apple versus the FBI

Standard

A recent, trending topic is the battle between Apple and the FBI over an iPhone recovered from the investigation of the San Bernardino massacre last December. The FBI asked Apple to help break into the phone and Apple refused. Then the FBI got a court order for Apple to create a forensics tool and Apple is in the midst of fighting the order.

As most people know, Apple is known for their guarantee of user privacy. The Feds are accusing the firm of selecting their “public brand marketing strategy” over a terrorism investigation. What a lot of people do not know is that creating this tool would be extremely dangerous because it would result in this hacking tool being made public, which means usable by any law enforcement, foreign governments and criminal organizations. This is the reason why Apple is fighting.

Visit St. Louis Cyber Forensics and Investigation Firm for any questions or in need of a free consultation.

 

Rise in WordPress hacks

Standard

An increasingly vast number of WordPress sites are being hacked to deliver ransomware and other horrible software to unsuspecting users. It is not yet clear how this is happening but it is being looked into considerably. Anyone who visits WordPress sites using out-of-date versions of Adobe Flash Player, Adobe Reader, Microsoft Silverlight, or Internet Explorer can find their computers infected with the ransomware package, which puts a hold on your computer system until you pay a hefty ransom.

This malware is set up to infect only first-time visitors to avoid detection by researchers visiting the site. To disguise the attack moreover, the code redirects users through a series of sites before delivering the malware. It is a possibility that hackers are consistently refreshing when old ones get flagged.

Once a system gets infected, the malware installs a variety of backdoors on the web server; this causes many hacked sites to repeatedly get infected. To prevent reinfection, you need to isolate every site or update and protect all of them at the same time.

This goes to show that malware can exist on sites that people trust. The best way to prevent hacks is to be up-to-date on security updates when they become available.

Malware and ransomware detection removal

White House advises new Cyber Security Plan

Standard

Cyber attacks occur almost every week and do not look like they will slow down anytime soon which is why it is crucial to create an effective cyber security plan. The White House has recently proposed a plan that they think will help lessen cyber attacks and increase government response rate. This plan proposes to renovate outdated computer systems since it is much easier for hackers to break in. They also aim to train and recruit people for federal jobs that focus on cyber security, according to an article from Wall Street Journal.

This cyber security plan expects to cost $19 billion, which is a 35% increase in the cyber security budget. The plan expects to begin October 1st and end September 30th 2017. This plan will not stop cyber attacks but rather decrease the amount and increase response rate.

Click here to read more on the article.