Unjustified optimism and ignorance of hacker vulnerabilities in one's data systems led to the largest data mining in history.
The historic theft involved five corporate data hackings, between 2006 and 2008, including Heartland, Hannaford, 7-Eleven and two unnamed companies, according to Channel Web. US investigators say the team scanned lists of Fortune 500 companies and learned about their checkout counter machines (also known as point-of-sale systems). Then they would write specific codes to corrupt their data systems and launch a virus from computers in the United States and Europe to pull hundreds and thousands of credit card numbers, and sort through them using a "sniffer," which is basically a data analysis system that decodes big chunks of information.
How Do You Steal 130 Million Credit Card Numbers?PC World:
Here are three tips to help you protect your data and make sure you don't become the next Heartland Payment Systems.
1. Wireless security. Wireless networks exist in most businesses these days. The thing about wireless networks is that they let employees roam about and still stay connected to the network, but they also provide an opportunity for unauthorized users who are within range of the wireless access point to gain access as well. The data breaches at TJX and Lowes were both made possible through weak or non-existent wireless network security.
Wireless networks should be segregated from the primary network to provide an extra layer of protection. The wireless connection should be secured with WPA or WPA2 encryption at a minimum. It is even better if some other form of authentication is used to access the wireless network.
2. Compliance.
Payment Card Industry Data Security Standards (PCI DSS) requirements.
3. Diligence. ... you have to monitor intrusion detection and prevention system activity, firewall logs, and other data to stay alert for signs of compromise or suspicious activity.
How to Prevent a Heartland-Style Data Breach