Two More Companies Just Had Customer Data Breached

November 21, 2018

Written by wukovits

two more companies just had customer data breachedHow long does it take from when hackers steal credit card data from a given company until it appears for sale on the Dark Web?

The answer varies from one hacker to the next, but the short answer is ‘not very long.’  The more precise answer, at least in the case of New Egg and British Airways, (both of whom were hacked recently) is, ‘just over one week.’

According to a recent report published jointly by RiskIQ and Flashpoint, credit card information stolen from both companies is already available for sale. In fact, by the time you read these words, it may already be in use by other hackers who purchased the data on the Dark Web.

The two companies identify “Group 6” as being the group behind the New Egg and British Airways attack. They highlighted the fact that the attack was extraordinarily selective. The group specifically targeted organizations guaranteed to have a high volume of both traffic and completed transactions.

The report features screenshots of an ad posted on the Dark Web advertising a dump of more than 500,000 credit card numbers and complete payment details being sold at prices ranging from $9 to $50 each.

In spite of this, British Airways continues to insist that there have been no verified instances of compromised card numbers from their system.  Unfortunately, BA’s word on the matter is scant comfort and no protection whatsoever.

ESET UK cyber security expert Jake Moore offered this advice to BA users, and others who may have had their payment information compromised:

“If your data was included in this (or any) breach, and if you haven’t already, you’ll need to take action to protect yourself.  Call your bank or card issuer, cancel the card and request a new card.  No bank will ever mind being contacted for you being cautious.”

Excellent advice all around.

Used with permission from Article Aggregator

Bayou Tech

We provide solutions for your business. Find out how we can help.

Related Articles

Key Considerations for Effective Cybersecurity Implementation

Consider this: In the realm of cybersecurity, things often get tangled in the web of "you should do it anyway" arguments. Yet, for busy business owners bombarded with daily "must-dos," deciphering the essentials from the fluff can feel like a cyber maze. We aim to...

Major Cyber Attack at OMV

Louisiana’s Office of Motor Vehicles (OMV) is one of a still undetermined number of government entities, major businesses, and organizations to be affected by an unprecedented Data Breach.There is no indication at this time that cyber attackers who breached MOVEit...