Massive credit card breach at Arby’s

Topic

New Reply

Brian Krebs has the details on an alert that 355,000 credit and debit cards may have been compromised at Arby’s stores.
[See the full post at: Massive credit card breach at Arby’s]

Reply | Quote

Replies

There wouldn’t be so much credit card fraud if merchants / banks (not sure who is responsible) would require a PIN rather than a signature at the point of purchase, when you use a chip-enabled card:

http://www.marketwatch.com/story/credit-card-signatures-are-almost-useless-but-banks-wont-give-them-up-2015-01-07

A PIN provides a second layer of security; the only thing a signature provides is a way for the cashier to see if it matches the signature on the back of your credit card. And it’s been a long time since I’ve seen a cashier actually compare the signatures.

I’ve noticed that my debit card always lets me choose to enter a PIN, but not my credit card.

I suppose we could switch to cash. I wonder if the ATMs are safe!

Group "L" (Linux Mint)
with Windows 10 running in a remote session on my file server

Reply | Quote

EEEEk! that’s scarey I guess my “Fave” Roast Beef & Cheddar is on hold for a while. Is nothing sacred anymore? Ahh well it’ll save a few lb’s aoround the old waistline.

You got to wonder about online transactions and the current nature of the software running this stuff. If Win 10 LTSB is slated with a 10 year shelf/active life powering these devices whats the state of exploits going to be like 10 years down the road? As @MrJimPhelps states what about ATM’s I read last year about many of them still using a Version of XP as is, get this, London’s Met. Police. That’s why XP users can still get updates after a bunch of complicated “Finagling” and I believe its not the Ver. of XP we knew and Loved/hated. Apparently its some sort of one off contract to provide support but how many other mission critical systems are out there using outdated technology. There could be a case same as @ch100 said for keeping current with the “latest & greatest” M$ offering and certainly so for anything requiring a modicum of online security. As most of us like the “Devil we Know”, don’t like change for changes sake, don’t want to play the hardware update game, and particularly despise M$’s underhanded forced upgrade tactics. We remain in a limbo of, potentially, unsecured machines and “running before the wind” patching to keep ahead of the “Bad Guys”. I am sure M$ could probably modify Win7 and bring it up to date (probably a bored Tech could do it in an afternoon in Redmond) goodness only knows that’s about the time it takes me to compile an updated Win7 UEFI image for deployment/installation.

Ahh well I guess its Subway for Lunch from now on! besides its apparently healthier for you. Sure looks like a lot of “Rabbit food” on a “Foot long”

Reply | Quote

@ BobbyB,

About POS terminal software, from Wiki,

“Reliability depends not completely on the developer but at times on the compatibility between a database and an OS version. For example, the widely used MS Access database system had a compatibility issue when Windows XP machines were updated to a newer Windows OS. No solution was immediately offered by Microsoft. Some businesses were seriously disrupted in the process, and many downgraded back to Windows XP for a quick resolution. Other companies utilized community support, for a registry tweak solution has been found for this.”

Reply | Quote

@ BobbyB

Fyi,
https://arstechnica.com/business/2011/12/how-hackers-gave-subway-a-30-million-lesson-in-point-of-sale-security/

Reply | Quote

Ohhhh Noooooo! looks like making sandwiches at home for Lunch from now on, surely they cant “hack” a loaf of Bread and Bread board? or can they ………?

Reply | Quote