http://www.forbes.com/sites/insertcoin/2015/07/09/lizard-squad-hacker-who-shut-down-psn-xbox-live-and-an-airplane-will-face-no-jail-time/ By Paul Tassi Contributor Forbes.com 7/09/2015 Last Christmas, a hacking collective known as the “Lizard Squad” managed to take down PSN and Xbox Live right as everyone was attempting to play their consoles during holiday, creating one of the worst outages in the history of either network. The attacks soon evolved into a more personal nature, targeting then-president of Sony Online Entertainment, John Smedley, which included posting his personal details and actually grounding an American Airlines flight he was on with a Twitter TWTR -1.15%-issued bomb threat. Since then, everyone has been wondering just who the members of Lizard Squad were and if they’d ever be brought to justice. Recently, one individual, 17 year-old Julius “zeekill” Kivimaki was identified, and after standing trial in his native Finland, has just been convinced of an incredible 50,700 charges of computer-related crimes. He will serve a two-year suspended sentence, and effectively face no jail time. If you imagine the general public might be upset about such a lax sentence, you’d be right, but no one is more angry than John Smedley himself, now leading Daybreak, the studio responsible for games like H1Z1 and Planetside 2. […]
http://time.com/3817582/boy-arrested-computer-background/ By Laura Stampler @LauraStampler Time.com April 10, 2015 Pranksters be warned Eight-grader Domanik Green was arrested on felony charges in Holiday, Fla. Wednesday after breaking into his teacher’s computer to change the background picture to two men kissing. Green, 14, who was released the day of his arrest, said that he broke into the computer of teacher he didn’t like after realizing that faculty members’ passwords were simply their last names, the Tampa Bay Times reports. Green, who previously faced a three-day suspension for a similar prank, said that many students got in trouble for breaking into teachers’ computers. “Even though some might say this is just a teenage prank, who knows what this teenager might have done,” Sheriff Chris Nocco told the Tampa Bay Times Thursday. […]
http://www.thedenverchannel.com/news/u-s-world/guardians-of-the-peace-themed-prank-against-cnn-leads-tennessee-man-to-spend-holiday-with-the-fbi By Jamie Satterfield 7News Denver Jan 2, 2015 Knoxville, Tenn. – A Tennessee man’s Internet jab at what he says is an unquestioning media put him in the national spotlight and, on Thursday, the cross hairs of the FBI. Freelance writer and Web designer David Garrett Jr. began his New Year’s Day at the Knoxville headquarters of the FBI, where two agents questioned whether he was a hacker involved with the Guardians of the Peace, a group claiming responsibility for the recent hacking of Sony. “I’m pretty smart, but I’m not a hacker,” Garrett told the News Sentinel after his visit with the FBI. The FBI confirmed earlier Thursday a planned interview with Garrett, and the News Sentinel was at the agency’s facility in West Knoxville when Garrett was escorted into the building and when he exited an hour later. However, the agency did not respond to a request for comment. […]
Please accept with no obligation, implied or implicit, my best wishes for an environmentally conscious, socially responsible, low-stress, non-addictive, gender-neutral celebration of the winter or in some locations summer solstice holiday, practiced within the most enjoyable traditions of the religious persuasion of your choice, or secular practices of your choice, with respect for the religious/secular persuasion and/or traditions of others, or their choice not to practice religious or secular traditions at all. I also wish you a fiscally successful, personally fulfilling and medically uncomplicated recognition of the onset of the generally accepted calendar year 2015, but not without due respect for the calendars of choice of other cultures whose contributions to society have helped make America great. Not to imply that America is necessarily greater than any other country nor the only America in the Western Hemisphere. Also, this wish is made without regard to the race, creed, color, age, physical ability, religious faith or sexual preference of the wishee.
http://www.wired.com/2014/12/top-ten-card-breaches/ By Kim Zetter Threat Level Wired.com 12.02.14 The holiday buying season is upon us once again. Another event that has arrived along with the buying season is the season of big box retailer data breaches. A year ago, the Target breach made national headlines, followed shortly thereafter by a breach at Home Depot. Both breaches got a lot of attention, primarily because the number of bank cards affected was so high—more than 70 million debit and credit card numbers exposed in the case of Target and 56 million exposed at Home Depot. Luckily, very little fraudulent activity occurred on the stolen card numbers, primarily because the breaches were caught fairly soon, making them relatively minor incidents in the scheme of things, compared with other breaches that have occurred over the years that resulted in losses of millions of dollars. The Target breach was notable for one other reason, however: when it came to security, the company did many things right, such as encrypting its card data and installing a multi-million-dollar state-of-the-art monitoring system not long before the breach occurred. But although the system worked exactly as designed, detecting and alerting workers when it appeared that sensitive data was being exfiltrated from its network, workers failed to act on these alerts to prevent data from being stolen. Below, we look back on a decade of notable breaches, many of which happened despite the establishment of Payment Card Industry security standards that are supposed to protect cardholder data and lessen the chance that it will be stolen or be useful to criminals even when it’s nabbed. The PCI security standard (.pdf) which went into effect in 2005, is a list of requirements — such as installing a firewall and anti-virus software, changing vendor default passwords, encrypting data in transit (but only if it crosses a public network) — that companies processing credit or debit card payments are required by card companies to have in place. Companies are required to obtain regular third-party security audits from an approved assessor to certify ongoing compliance. But nearly every company that was victim to a card breach was certified as compliant to the PCI security standard at the time of the breach, only to be found noncompliant in a post-breach assessment. […]
http://www.eweek.com/security/many-americans-say-they-will-avoid-breached-retailers-study-shows.html By Robert Lemos eWEEK.com 2014-10-22 Following security breaches, more retail stores may feel a slump from lack of customer confidence, a new study suggests. Retail stores hit by cyber-criminals have to worry about consumer backlash, as customers are more likely to avoid compromised retailers, according to a study released this week by CreditCards.com. The survey of 865 Americans by phone found that 45 percent would either “definitely” or “probably” not shop at a retailer this coming holiday, if they learned that the company had been breached by attackers. The interviews, carried out by Princeton Survey Research Associates International, also found that higher-income and college-educated respondents were less likely to punish retailers for security breaches. Yet, while consumers worry about breaches, those concerns many not be enough to keep them away from holiday sales, Matt Schulz, senior industry analyst for CreditCard.com, told eWEEK. “I think that generally most people will just keep doing what they are doing, and either not worry about it because they are busy and have other things to worry about, or because the message is getting out there that the actual liability you have is actually really low,” […]
http://www.fool.com/investing/general/2014/05/13/tjx-succeeds-where-target-struggles.aspx By Eric Novinson Fool.com May 13, 2014 Shares of Target (NYSE: TGT ) fell by about 3% on Monday May 5, 2014 after the big-box retailer announced that Greg Steinhafel would no longer head up the company as its CEO. This move marked the second high-profile departure related to the data breach at the retailer, as CIO Beth Jacob left the company back in March. However, the data breach just added to the problems that Steinhafel faced at Target. A problematic expansion push into Canada and competition from other retailers have also hit Target’s results. As a result of this, Target posted mixed results for the fourth quarter while its competitor TJX (NYSE: TJX ) posted much stronger results for the period. Target’s recent results Target ended 2013 on a weak note, both domestically and in Canada. In its last earnings report, Target announced that its fourth-quarter sales fell 3.8%, although full-year sales still showed a small rise of 0.9%. Target’s gross margin for the quarter in its domestic operations also narrowed from 27.8% to 27.6% year-over-year, although the full-year gross margin actually showed a minor gain rising from 29.7% to 29.8%. With the heavy price promotions going on at many retailers during the 2013 holiday season, this actually looks impressive as Target did not take a huge hit to its margins for the period. These figures show that even though the last quarter of 2013 didn’t go too well for Target, it wasn’t a total catastrophe as the retailer still managed to show small gains on two important metrics for the year. Target’s diluted earnings per share fell more sharply for the year from $4.52 to $3.07, although most of this stemmed from the $1.13 per share impact of Target’s Canada push. However, the retailer still retains some powerful competitive advantages. The case for Target Target sells competitively priced but attractive clothing, appliances, household decorations, food, and many other things. While it doesn’t always have the inventory selection of a category killer, it usually has an inexpensive item available to satisfy most needs. The company can use price competition to beat higher-end retailers, and its design and fashion appeal can help it beat deep discounters. In addition, the company has also expanded its food lineup by adding fresh groceries. Wal-Mart and the dollar stores also see fresh groceries as a promising growth area. Target also has international expansion potential, even if its Canadian launch didn’t work out as well as it expected. Also, Target isn’t the only discounter that’s lost data to a hack. […]
http://www.chicagobusiness.com/article/20140325/BLOGS11/140329865 By John Pletz On Technology Crains Chicago Business March 25, 2014 Trustwave Holdings Inc., a Chicago-based credit card security company, was sued alongside Target Corp. by banks who say they suffered financial damages when the retailer was hacked during the holiday shopping season. Although the most serious allegations are leveled at Target, the suit alleges that Trustwave failed to identify deficiencies in the retailer’s IT systems. Trustwave’s software audits companies’ IT systems to make sure they comply with credit card security regulations. The lawsuit is a blow to Trustwave, which according to the complaint says it has “performed more Payment Card Industry Data Security Standard (PCI DSS) Certifications than all other companies combined.” It’s also the first time the company, which keeps a low profile and is loath to discuss its customers, has been publicly connected to the Target breach. […]