Kevin Poulsen, SecurityFocus 2004-06-04
In a rare wireless hacking conviction, a Michigan man entered a guilty plea Friday in federal court in Charlotte, North Carolina for his role in a scheme to steal credit card numbers from the Lowe's chain of home improvement stores by taking advantage of an unsecured wi-fi network at a store in suburban Detroit.
Colapse all |
Post comment
Wardriver pleads guilty in Lowes WiFi hacks
2004-06-05
Anonymous
Anonymous
This is the kind of thing that should really stand as a timeless lesson for all the other retailers who decide to implement wireless networks (To name a few ones local to me: Best Buy, CompUSA, Krogers) that have customer sensitive data moving across it.
It should be -- but it won't. This is goin...
[ more ] [ reply ]
It should be -- but it won't. This is goin...
[ more ] [ reply ]
Thank you Lowes
2004-06-07
Anonymous (3 replies)
Anonymous (3 replies)
I am glad to see that Lowes prosecuted these people. If it wasn't for the fact that they were prosecuted, it may have never made it out into the public eye that Lowes doesn't secure their customers private information.
I can tell you due to this, that I will definately not be shopping at Lowes e...
[ more ] [ reply ]
I can tell you due to this, that I will definately not be shopping at Lowes e...
[ more ] [ reply ]
Thank you Lowes
2004-06-07
Anonymous (1 replies)
Anonymous (1 replies)
Hmm...someone sure doesn't like Lowe's (or works/owns stock in HD!)
I'm sure that Home Despots [sic] have their fair share of vulns as do most companies. Don't think for a second that you are any safer shopping one or the other!
Don't want you CC to be exposed? Pay cash!
...
[ more ] [ reply ]
I'm sure that Home Despots [sic] have their fair share of vulns as do most companies. Don't think for a second that you are any safer shopping one or the other!
Don't want you CC to be exposed? Pay cash!
...
[ more ] [ reply ]
Thank you Lowes
2004-06-08
Anonymous (1 replies)
Anonymous (1 replies)
Not that I don't like Lowes or have any affil. with HD...
Just that I am disgusted with Corporate America attempting to do as they please and piss on their customers.
This was a very poor example of, should I even dare to say, "security".
In all honesty, I believe that Lowes should be who i...
[ more ] [ reply ]
Just that I am disgusted with Corporate America attempting to do as they please and piss on their customers.
This was a very poor example of, should I even dare to say, "security".
In all honesty, I believe that Lowes should be who i...
[ more ] [ reply ]
Re: Thank you Lowes
2005-10-11
Anonymous
Anonymous
one they can not use wep with barcode scanners that they have. Two the wlan should be seprate from the lan. wep and wpa suck and can be hacked. They should have done a mac address only and segmented the zones and access into the network. Lowes should be find heavily for not being secure and havi...
[ more ] [ reply ]
[ more ] [ reply ]
Re: Thank you Lowes
2006-05-13
maxtek28@yahoomessenger (1 replies)
maxtek28@yahoomessenger (1 replies)
that comment from anonymous was so lame. these store owners worked with fbi to cach these guys and you say they dont care about people security? your typical social disease blinds you to see only that they had a problem not that they corected it. if you admit this people like you have nothin to cry...
[ more ] [ reply ]
[ more ] [ reply ]
Re: Re: Thank you Lowes
2007-01-07
Anonymous (1 replies)
Anonymous (1 replies)
Exactly
And don't you think that the second something like this happened.. they fixed it. They always take the best care of there customers. It is thier policy. They have one of the toughest security systems possible. and it is thanks to the morons that try stuff like those kids did. They may have ...
[ more ] [ reply ]
And don't you think that the second something like this happened.. they fixed it. They always take the best care of there customers. It is thier policy. They have one of the toughest security systems possible. and it is thanks to the morons that try stuff like those kids did. They may have ...
[ more ] [ reply ]
Wardriver pleads guilty in Lowes WiFi hacks
2004-06-07
Anonymous (2 replies)
Anonymous (2 replies)
I agree with other posts that Lowes was lax in their security. However, I'd like to point out that the security team at Lowes Corporate probably had nothing to do with the installation of the wireless access point that allowed the intrusion. Nowadays anyone can purchase a WAP and install it onto a...
[ more ] [ reply ]
[ more ] [ reply ]
Re: Wardriver pleads guilty in Lowes WiFi hacks
2006-06-02
Anonymous (1 replies)
Anonymous (1 replies)
I agree. I have seen for years these network engineer wanna-bes that take things on themselves and try to score brownie points by doing doing like implementing a wireless network. Any idiot can do it and they do. They want to impress their managers. The mere fact that Lowes discovered this so qu...
[ more ] [ reply ]
[ more ] [ reply ]
Re: Re: Wardriver pleads guilty in Lowes WiFi hacks
2007-01-07
Anonymous (1 replies)
Anonymous (1 replies)
Agreed.
And not to mention that all of these other people are reading this inraged.. it happened in 2004 people!! Their security is so tight now it doesn't even have a butt crack!
You can take that to the bank!...
[ more ] [ reply ]
And not to mention that all of these other people are reading this inraged.. it happened in 2004 people!! Their security is so tight now it doesn't even have a butt crack!
You can take that to the bank!...
[ more ] [ reply ]
Re: Re: Re: Wardriver pleads guilty in Lowes WiFi hacks
2008-02-15
Anonymous
Anonymous
If security is so tight at Lowes, then why did I receive an unsolicted advertisement email in Feb containing my password in clear text? Account name and content easily derived from there.
Nope, sorry. I do not believe Lowes has a clue about security. Let hope PCI and other emerging standards will...
[ more ] [ reply ]
Nope, sorry. I do not believe Lowes has a clue about security. Let hope PCI and other emerging standards will...
[ more ] [ reply ]
Wardriver? Irresponsible journalism!
2004-06-07
Anonymous (1 replies)
Anonymous (1 replies)
This person was NOT a wardriver. Wardrving is NOT "driving around with laptop computers looking for wireless Internet connections".
Wardrivers, rather, drive around scanning for and gathering the locations of wireless networks, often for mapping purposes. The distinction here is wardrivers do not...
[ more ] [ reply ]
Wardrivers, rather, drive around scanning for and gathering the locations of wireless networks, often for mapping purposes. The distinction here is wardrivers do not...
[ more ] [ reply ]
Wardriver pleads guilty in Lowes WiFi hacks
2004-06-08
Anonymous
Anonymous
it too late in most places, LOWES and Home Despots have put everyone out of business by
lowering prices. Then when there is no one to compete, they raise prices and let the shelves empty out because they wont even bother restocking. If you need something you better buy something from the little bro...
[ more ] [ reply ]
lowering prices. Then when there is no one to compete, they raise prices and let the shelves empty out because they wont even bother restocking. If you need something you better buy something from the little bro...
[ more ] [ reply ]
Wardriver pleads guilty in Lowes WiFi hacks
2004-06-08
Anonymous
Anonymous
Lowes security team is laughable, however what worries me, not to give excuse to the group of guys involved is 1) that someone that didn't end up stealing a thing is getting 12 years in the can. 2) That this is the only recent article on the subject.
I would wonder where Mr. polsen gets his inf...
[ more ] [ reply ]
I would wonder where Mr. polsen gets his inf...
[ more ] [ reply ]
Wardriver pleads guilty in Lowes WiFi hacks
2004-06-08
Anonymous (1 replies)
Anonymous (1 replies)
If the Lowes wants to get people back into their stores, perhaps they should find this "person" that "installed" the WiFi AP, and publicly fire them.
Unless of course, the IT Group from LOWES actually installed the AP, then the Head of IT should be fired. or his boss, or so on...
Someone in th...
[ more ] [ reply ]
Unless of course, the IT Group from LOWES actually installed the AP, then the Head of IT should be fired. or his boss, or so on...
Someone in th...
[ more ] [ reply ]
Wardriver pleads guilty in Lowes WiFi hacks
2004-06-09
Anonymous
Anonymous
I've picked up Lowes in a wardriving scan before... The difference is, I don't act on my findings; I scan, detect, and leave. Open wifi at Lowes is nothing new.
These guys did do something wrong by intruding... but I fully agree with everyone else who has said Lowes is in the end accountable for...
[ more ] [ reply ]
These guys did do something wrong by intruding... but I fully agree with everyone else who has said Lowes is in the end accountable for...
[ more ] [ reply ]
simple resolution to a complex problem
2004-06-09
Anonymous
Anonymous
I don't use credit cards/debit at all. I do have a checking account, and a ATM card, but I don't use them in any corperate environment. For obvious reasons... only to withdraw fast cash in case of emergencies.... (only in person, at my local branch)
Yes I know that the mere fact of having a cr...
[ more ] [ reply ]
Yes I know that the mere fact of having a cr...
[ more ] [ reply ]
Lowes WiFi hacks
2004-06-10
Pilgrim
Pilgrim
Lowes is one of how many companies with a poor security ? These days finding other people's credit card informations seems as easy as finding a radio post station on your tooner. Soon enough you just might find your informations on some hack webpage.
It's a way of becoming a public person, howev...
[ more ] [ reply ]
It's a way of becoming a public person, howev...
[ more ] [ reply ]
Where are the lawsuits
2004-06-10
Anonymous (1 replies)
While these guys should be punished, so should Lowe's for being careless and negligent.
It's easy to say that the sysadmins at Lowe's are clowns and should have done this or that. Chances are, they are not clowns and that project timelines, budgets, and other management criteria forced the rol...
[ more ] [ reply ]
Anonymous (1 replies)
While these guys should be punished, so should Lowe's for being careless and negligent.
It's easy to say that the sysadmins at Lowe's are clowns and should have done this or that. Chances are, they are not clowns and that project timelines, budgets, and other management criteria forced the rol...
[ more ] [ reply ]
Re: Where are the lawsuits
2006-08-31
Anonymous
Anonymous
Sometimes personal information is thrown away instead of shredding it like anyone with a common sense would do. ss# phone # and other personal information like credit card # also thrown away due to management that doesn't want to pay the price of the shredding company's make you pay. tearing them up...
[ more ] [ reply ]
[ more ] [ reply ]
Wardriver pleads guilty in Lowes WiFi hacks
2004-06-11
nine_toe_joe (1 replies)
nine_toe_joe (1 replies)
Should Lowes be required to put out a disclosure statement as California resident info (may) has been stolen?
http://www.securityfocus.com/news/1984
What happens to retarded companies like this for implementing technology in this manner? Could customers sue Lowes?
While these fellows went wa...
[ more ] [ reply ]
http://www.securityfocus.com/news/1984
What happens to retarded companies like this for implementing technology in this manner? Could customers sue Lowes?
While these fellows went wa...
[ more ] [ reply ]
Wardriver pleads guilty in Lowes WiFi hacks
2004-06-15
DFW Consultant
DFW Consultant
I have to agree, too many people are jumping onto the WiFi bandwagon with OUT thoroughly securing and locking down these somewhat lockable systems to a degree (WEP = POOOH)but better than nonething.
The worst are these setups you drive across with the DEFAULT settings out the box, passwords, etc...
[ more ] [ reply ]
The worst are these setups you drive across with the DEFAULT settings out the box, passwords, etc...
[ more ] [ reply ]
Wardriver pleads guilty in Lowes WiFi hacks
2004-06-11
Anonymous Coward (1 replies)
Anonymous Coward (1 replies)
Unfortunately it takes stunts like this to get folks to secure their networks, wireless and otherwise. We keep jumping up and down on the soapbox and the bosses keep on ignoring us until something happens like this. Then they want to know why. Age old story which will continue to the end of time....
[ more ] [ reply ]
[ more ] [ reply ]
Re: Wardriver pleads guilty in Lowes WiFi hacks
2006-06-02
Anonymous
Anonymous
So true. Lowes Security team may have jumped up and down asking for solutions, but between department managers hollering that security "holds back progress" and upper-management crying "we don't have the money", more of this stuff is likely to happen. It WILL get worse before it gets better....
[ more ] [ reply ]
[ more ] [ reply ]
Wardriver pleads guilty in Lowe's WiFi hacks
2006-06-26
Anonymous
Anonymous
Screw them all. They should've hired some qualified IT tech with better administrators. Those idiots who hacked in shouldn't have messed with it either but who won't play around with an open network. It is like leave your car in the middle of the street with the key in the ignition switch. I am dam...
[ more ] [ reply ]
[ more ] [ reply ]
Wardriver pleads guilty in Lowe's WiFi hacks
2006-07-22
someone never shoping at lowes again (2 replies)
someone never shoping at lowes again (2 replies)
this is outragioug someone in the IT Dept. should be fired and this guy given money for finding this hole...
[ more ] [ reply ]
[ more ] [ reply ]
It's time to start asking Lowe's for an explanation of why they were using an unsecured wireless network. If it's unsecured because it needed to work with telephones and scanners, then it should have been firewalled from customer data and other stores.
If you are getting angry at corporate irr...
[ more ] [ reply ]