Mais um dia, mais uma data breach. Está a comunicação social a divulgar a violação de dados da Delta Air Lines e a Sears Holdings, e também a empresa Best Buy confirma ter sido impactada pelo incidente.
A Best Buy é uma empresa que fornece serviços de conversação para clientes por telefone ou computador, enquanto o [24] fornece serviços on-line para empresas em diferentes setores, incluindo Delta Air Lines e Sears Holdings, o que significa que outras empresas podem também ter sido afetadas.
Entretanto, a Best Buy já fez saber que notificará os clientes afetados.
No momento de escrita da notícia, há uma novidade sobre a extensão da violação do cartão de crédit. A Best Buy apontou que apenas uma pequena fração dos clientes on-line foi afetada pelo hack.
“We, like many businesses, use a third-party for the technology behind this service and that company, [24]7.ai, told us recently that they were the victim of a cyber intrusion. Their information suggests that the dates for this illegal intrusion were between Sept. 27 and Oct. 12, 2017. [24]7.ai has indicated that customer payment information may have been compromised during that time and, if that were the case, then a number of Best Buy customers would have had their payment information compromised, as well.” reads the security advisorypublished by Best Buy.
“As best we can tell, only a small fraction of our overall online customer population could have been caught up in this [24]7.ai incident, whether or not they used the chat function.”
A Delta publicou um comunicado de segurança de forma a notificar os seus clientes. A companhia aérea especula que os atacantes infetaram os sistemas com um malware que conseguiu desviar dados de cartões de crédito inseridos em websites que usam o software [24] 7.ai. Parece que os clientes das empresas afetadas podem ter sido afetado mesmo que não tenham usado diretamente a funcionalidade.
“We understand malware present in [24]7.ai’s software between Sept. 26 and Oct. 12, 2017, made unauthorized access possible for the following fields of information when manually completing a payment card purchase on any page of the delta.com desktop platform during the same timeframe: name, address, payment card number, CVV number, and expiration date.” reads the advisory published by Delta Airline.
“No other customer personal information, such as passport, government ID, security or SkyMiles information was impacted.”
Segundo a Delta, centenas de milhares de clientes foram afetados pela data breach.
Pedro Tavares is a professional in the field of information security working as an Ethical Hacker/Pentester, Malware Researcher and also a Security Evangelist. He is also a founding member at CSIRT.UBI and Editor-in-Chief of the security computer blog seguranca-informatica.pt.
In recent years he has invested in the field of information security, exploring and analyzing a wide range of topics, such as pentesting (Kali Linux), malware, exploitation, hacking, IoT and security in Active Directory networks. He is also Freelance Writer (Infosec. Resources Institute and Cyber Defense Magazine) and developer of the 0xSI_f33d – a feed that compiles phishing and malware campaigns targeting Portuguese citizens.
Read more here.