Using WEP Led To Massive Credit Card Data Theft

May 15th, 2007

Computer SecurityChad’s News hasn’t previously mentioned the massive TJX credit card data theft, but it’s worth noting what caused the security breach. TJX Companies is a large department store chain with such names as T.J. Maxx and Marshalls. Last December they discovered their network had been compromised for 18 months, and that credit card data for over 45 million customers had been stolen. Let’s repeat that number: 45 million customers. The whole thing started in 2005 when hackers broke the (woefully inadequate) wireless encryption of a Marshalls store in Minnesota. Apparently the wireless network used the WEP protocol, which is obsolete and can be cracked in a matter of minutes. Because of this gross negligence, it’s estimated that TJX will be on the line for over $1 billion in damages. To prevent this type of thing from happening to your network, be sure to use a more modern encryption scheme such as WPA/WPA2.


Leave a Reply


HTML: You can use these tags.