[ISN] Home Depot breach a near certainty, yet Backoff remains a question

http://arstechnica.com/security/2014/09/home-depot-breach-a-near-certainty-yet-backoff-remains-a-question/ By Robert Lemos Ars Technica Sept 4, 2014 Home Depot has not yet confirmed that a slew of fraudulent transactions came from a breach of its systems, yet an increasing body of evidence is mounting that points to a massive compromise linked to the home-supply retail chain. Financial institutions first detected the suspected breach when a wave of fraudulent transactions on cards had been used at Home Depot. On Wednesday, journalist and blogger Brian Krebs, who originally broke the story, analyzed the zip codes of a recent batch of stolen cards offered for sale on the underground and found a 99 percent match with the locations of Home Depot’s stores. Such a correlation is a “smoking gun,” Lucas Zaichkowsky, enterprise defense architect at AccessData, a digital forensics and security services firm, said in an e-mail interview. Whether Home Depot has been breached is no longer a question, he said. “The bigger question is why Home Depot didn’t detect the attackers as they maneuvered from their initial entry point past multiple layers of defense, performing internal reconnaissance and escalating privileges in the process,” Zaichkowsky said. […]