Dan Goodin, The Register 2008-05-27
TJX Companies, the mammoth U.S. retailer whose substandard security led to the world's biggest credit card heist, has fired an employee after he left posts in an online forum that made disturbing claims about security practices at the store where he worked.
Colapse all |
Post comment
TJX employee fired for exposing shoddy security
2008-05-27
Sativa
Sativa
This is definitely a good thing. TJX had how long to close those holes. It's a big corporation using their muscle to deceive the public into thinking everything is "ok" when it obviously is not. This is 2008 - anyone in IT should know what a strong password is. Even if they don't, they should at...
[ more ] [ reply ]
[ more ] [ reply ]
TJX employee fired for exposing shoddy security
2008-05-28
Anonymous
Anonymous
"Other security issues included a store server that was running in administrator mode, making it far more susceptible to attackers."
Not only do I not know what you mean here, but I can't even begin to be sold that this strange "administrator mode" makes if far more susceptible to attackers, per ...
[ more ] [ reply ]
Not only do I not know what you mean here, but I can't even begin to be sold that this strange "administrator mode" makes if far more susceptible to attackers, per ...
[ more ] [ reply ]
Rock and a hard place...
2008-05-28
Kohl (1 replies)
Kohl (1 replies)
I am in total agreement that these security flaws should have been fixed ... however, I can see why some stores went back to weak/blank passwords. You don't need a college degree, or even a high school diploma to get a job at stores like TJX. The managers, who don't want to be fired for being insens...
[ more ] [ reply ]
[ more ] [ reply ]
Self interest?
2008-05-29
Anonymous
Anonymous
The phrase "self interest" usually implies he expects to profit from his action. (fta: "But he says his actions were also fueled by a healthy dose of self-interest" - reporter paraphrases the ex-employee)
But then the self interest is revealed as concern for his personal data on the store server. ...
[ more ] [ reply ]
But then the self interest is revealed as concern for his personal data on the store server. ...
[ more ] [ reply ]
TJX employee fired for exposing shoddy security
2008-05-29
Anonymous
Anonymous
I am a White-Hat Hacker. What happens at TJX as far as security is just like every company I have had the pleasure to hack. You data is available to anyone who really wants it. Microsoft's security can't keep out the honest people. If you really want to see how bad security is watch:
http://vid...
[ more ] [ reply ]
http://vid...
[ more ] [ reply ]
TJX employee fired for exposing shoddy security
2008-06-09
Anonymous
Anonymous
Actually, running a computer in administrator mode allows the end user total control over said terminal. For example, most computers in major companies do not have admin rights, and as such, employees can not install software without someone from IT giving the "ok." With administrator mode (the def...
[ more ] [ reply ]
[ more ] [ reply ]
TJX employee fired for exposing shoddy security
2008-12-04
Anonymous
Anonymous
Having been in a somewhat similar situation AND responsible for InfoSec and Compliance (minus the firing) at one of the "Big 4" card companies who mandates the PCI compliance, it saddens me that large risks are swept under the carpet. Knowing what I do, having witnessed several CISSP/CISM/CISA-cert...
[ more ] [ reply ]
[ more ] [ reply ]
[ more ] [ reply ]