Ukrainian Suspect Could Help Break TJX Case

Details of the TJX hack begin to rapidly unfold thanks to a recent arrest

Aug 22, 2007 | 02:47 AM

By Kelly Jackson Higgins
DarkReading

The layers of the TJX hack may be closer to unfolding: A Ukrainian man recently arrested in Turkey could bring authorities a step closer to identifying the masterminds behind the breach, in which hackers stole files on millions of credit and debit card accounts from TJX's network, according to published reports. (See The Face of Identity Theft and Hacking the Real TJX Story.)

Maksym Yastremskiy, a 24-year-old who was arrested by Turkish authorities a few weeks ago, is suspected of selling some of the credit and debit card numbers that were stolen from TJX transaction-payment processing systems. A U.S. Postal Inspection Service official told reporters that it appears that Yastremskiy could be a big-time trafficker in the stolen data -- including data from the TJX breach.

He allegedly sold the stolen account numbers online, according to reports, and the hope is he will lead authorities to the actual ringleaders of the TJX breach.

The break-in left around 45.7 million TJX customer credit card and debit card accounts at risk, and TJX has said it will cost the company around $118 million.
