They've become a massive target because of all the recent news with apple pay and whatnot
They're a payments platform, they should expect to ALWAYS be a HUGE target no matter WHAT the news is. If it's not the Apple & Google fans it will be the Chinese & Russians.
This is a pre-release system, it wouldn't be surprising to me if they just stole some logs off an under-protected email server that is being used to testing or something
Why would a pre-prod system even be accessible to the outside world? It shows a lack of judgement and experience in security that they either made an known insecure pre-production system accessible by the outside world OR they were not competent enough to secure the server properly. They are either ignorant or incompetent, neither of which are good when talking about a payment processor.
They're not just a payments platform that contains 16 digit CC#s, they also contain SSIDs, Drivers Licenses, Checking/Routing #s and the PID that goes along with that. My god, if you had that data, you could create all the 16 digits credit cards you would want, by forging those people's IDs. You could even create bank accounts in their name, and probably get a Passport.
They're a payments platform, they should expect to ALWAYS be a HUGE target no matter WHAT the news is. If it's not the Apple & Google fans it will be the Chinese & Russians.
This is a pre-release system, it wouldn't be surprising to me if they just stole some logs off an under-protected email server that is being used to testing or something
Why would a pre-prod system even be accessible to the outside world? It shows a lack of judgement and experience in security that they either made an known insecure pre-production system accessible by the outside world OR they were not competent enough to secure the server properly. They are either ignorant or incompetent, neither of which are good when talking about a payment processor.