Cygilant Blog

How Does a Cardholder Data Breach Happen?

Posted by Vijay Basani on Dec 21, 2016

What happens when card security can't hold back the hackers?

Because credit and debit card data can be used to purchase goods and transfer money online anonymously, it has become highly sought after in the criminal underworld. Hackers are compensated generously for gaining access to these cards and are therefore motivated to break into the systems that hold them.

But exactly how do these individuals go about getting a hold of this information? Let's dive in: 

Skimmers have been popular for a while

When it comes to stealing data from a single person at a time, there are few tools better than a card skimmer. These devices are placed on top of the actual card readers that businesses put out for their customers, and they're highly effective.

When a customer swipes a card to pay for something, the reader receives the information from the black magnetic stripe on the back. This stripe holds every scrap of data needed to process a payment. While this works perfectly well in a regular vendor situation, it means the reader is basically a single line of defense against hackers: a legitimate-looking skimmer placed on top of the reader can capture the same financial data without raising any alarms.


According to the National Association of Convenience Stores, restaurants, bars, and ATMs are all considered prime targets for this kind of fraud. However, the big money makers are the fuel dispensers at gas stations. People often don't think twice about swiping their card at these stations, and unlike ATMs, each dispenser generally doesn't have a camera that could catch someone installing a skimmer. 

It's more efficient to go after POS systems

That said, a card skimmer is only able to catch one card's information at a time. While this works on a small scale, the real money is in going after the systems that house and transfer card data, namely point-of-sale systems. 

A POS solution is the software and tech involved in retail purchasing, and can include the computerized cash register, card reader, and anything else needed to make a sale. Gaining access to these systems often works like a skimmer, in the sense that POS malware generally only records data when a card is swiped, but the big advantage for an attacker is that a huge organization can be breached all at once.


A good example of this is the breach that hit Home Depot. According to Brian Krebs, a malware variant called BlackPOS was able to steal card information from POS solutions that were running on Microsoft Windows. By strategically and silently infiltrating this system, the hackers behind this attack were able to gain access to the card information of nearly 56 million customers, according to Time. 

Although the POS malware has since been stripped from Home Depot's systems, the damage has been done, and Time reported that the incident was expected to rack up nearly $62 million in damages for the company. Of course, this doesn't take into account the reputational blow such an attack has on an organization, which can be incredibly hard to overcome.

How You Can Gain Peace of Mind

EiQ offers two SOCVue® hybrid security-as-a-service solutions that can help organizations of any size affordably and effectively improve their cybersecurity and compliance posture:

  • SOCVue Security Monitoring gives you visibility and control over your IT environment. You’ll get best-of-breed Log Management and SIEM that is managed around-the-clock for real-time threat detection, analysis and notification, proactive remediation guidance, and compliance auditing.
  • SOCVue Vulnerability Management reduces your attack surface and mitigates risk with unlimited managed scans, analysis, risk prioritization, and remediation guidance. Focus on what matters most: your core business.

EiQ’s SOCVue combines the best people, process, and technology to build the enterprise-class IT security program your organization needs. That’s because SOCVue gives you the flexibility and cost savings of a security software-as-a-service offering, but also provides a world-class team of security and technology experts to manage the technology and help implement cybersecurity best practices.

With all the challenges you face today while trying to keep your organization safe, having the best IT security solutions in your corner should not be one of them. Download our whitepaper below to see how quickly and affordably you can improve your security and compliance posture with EiQ.


Tags: Cybercrime, Cyber Attack, Data Breach, Cybersecurity, PCI DSS
