Friday, April 20, 2018
Business

Web security blogger talks about Target breach

ORLANDO — Here's what happens when you go after a Ukrainian guy operating an underground website selling credit card numbers stolen from Target:

Details about your finances get posted for any cyber criminal to see.

The accused offers you $10,000 not to publish a story identifying him.

"I didn't take it,'' said Brian Krebs, noting earlier that Sony has bought the movie rights to his story.

Krebs is the Web security blogger (KrebsonSecurity) who broke the news about Target's massive credit and debit card breach that occurred between Nov. 27 and Dec. 15. A former Washington Post reporter, he was at the CNP (CardNotPresent.com) Expo on Tuesday in Orlando to speak on payment security and the risk to retailers.

While data breaches aren't new, what happened to Target raised awareness because the impact was so widespread, he said. In December, the retailer said up to 40 million credit and debit card numbers were stolen from holiday shoppers. Another 70 million people had their personal information taken.

Krebs said he got tipped off by financial sources who said stolen credit cards, eventually traced back to Target stores, were flooding the underground market. Especially notable was a "card shop'' called Rescator.so, which indexed stolen cards by the city, state and ZIP code from where the data had been stolen.

The new locator feature allowed Rescator to sell the cards at higher prices than other sites because crooks could buy cards associated with stores close to them. That enabled them to avoid the scrutiny of banks, which started canceling cards when purchases were made outside a cardholder's home area.

Kreb said card numbers sold for $40 to $400, depending on the "valid rate'' of the card, which goes down as breaches are discovered and time passes. Buyers then encoded the data onto fake cards that street gangs and thieves called "runners'' used at stores to buy gift cards and electronics easily sold illegally for cash.

Often, the profit outweighed the risk. A stolen card that sold for $300 could fetch $1,200 in purchases, Krebs said.

Of the 40 million card numbers snatched from Target, about 2 million were sold, he estimated. In all, the hackers made $40 million to $50 million — seemingly a fortune to those involved but a pittance in the overall scheme.

Analysts have estimated the breach will cost Target an estimated $500 million to $1 billion in losses not covered by banks, which are mostly on the hook for the fraudulent charges.

Prosecuting the parties responsible has been difficult, Krebs said, partly because they are out of the U.S. grasp. Typically, hackers get busted only if they try to leave their country.

Flush with cash, many of them want to, but they also know the risk.

Susan Thurston can be reached at [email protected] or (813) 225-3110.

Comments
Regulators allow major solar company to lease home equipment

Regulators allow major solar company to lease home equipment

State regulators Friday determined that one of the country’s largest residential solar companies, San Francisco-based Sunrun, is allowed to lease solar energy equipment for homes in Florida. The decision, solar energy advocates say, could open the do...
Updated: 4 hours ago
Florida unemployment at 3.9 percent for sixth straight month

Florida unemployment at 3.9 percent for sixth straight month

For the sixth month running, Florida’s unemployment rate held at a nearly 11-year low of 3.9 percent in March as steady job gains continued. While many factors kept Florida’s economy chugging along, three industries stand out for leading year-over-ye...
Updated: 5 hours ago
Owners say new house is a disaster; developer accuses them of ‘online terrorism’

Owners say new house is a disaster; developer accuses them of ‘online terrorism’

ST. PETERSBURG --- Stretched across the front of Tim and Hyun Kims’ two-year-old house is a big banner with the name of a developer and the words: "I have to fix my new house."Some of what needs fixing is instantly apparent. The front steps are too ...
Updated: 6 hours ago
Florida hits a milestone: More than 100,000 people are registered to use medical marijuana here

Florida hits a milestone: More than 100,000 people are registered to use medical marijuana here

Florida has hit a milestone of sorts as it slowly moves toward wider availability of medical marijuana.The number of patients in the state who are registered to use the substance has surpassed 100,000 for the first time, according to Florida Departme...
Updated: 8 hours ago
Q&A: Walmart leader chats about Florida stores, and the chain’s latest retail strategy

Q&A: Walmart leader chats about Florida stores, and the chain’s latest retail strategy

The Tampa Bay Times recently sat down with Walmart director of corporate communications Phillip Keene to chat about the retail giant’s latest retail strategies and how the company is winning over customers in a competitive market.Already, two of the ...
Updated: 11 hours ago
Judge: Foreclosure defense lawyer Mark Stopa violated numerous rules of conduct

Judge: Foreclosure defense lawyer Mark Stopa violated numerous rules of conduct

Tampa Bay foreclosure defense lawyer Mark Stopa has violated numerous rules of professional conduct and caused two clients to nearly lose their homes because he failed to tell them about settlement offers from their banks. In preliminary findings of ...
Updated: 11 hours ago
SunTrust warns 1.5 million clients of potential data breach

SunTrust warns 1.5 million clients of potential data breach

Associated PressNEW YORK — SunTrust Banks Inc. says accounts for 1.5 million clients could be compromised following a potential data breach. The Atlanta bank says that it became aware of the potential theft by a former employee and that the investiga...
Published: 04/20/18
Spring break, hurricane relief boosted Tampa Bay hotels in March

Spring break, hurricane relief boosted Tampa Bay hotels in March

The Tampa Bay area’s hotel occupancy rate rose to 87.5 percent in March, the highest level in three years. The rise was fueled by spring break vacationers as well as insurance adjusters and hurricane cleanup crews flooding the state to restore it aft...
Published: 04/20/18
Here’s your first look at what will be Riverwalk Place, Tampa’s tallest tower

Here’s your first look at what will be Riverwalk Place, Tampa’s tallest tower

TAMPA — Developers on Thursday detailed plans for what they touted as the tallest building on Florida’s west coast, with condominiums priced in six and seven figures and a shimmering glass design they say would stand out in the skylines of New York, ...
Updated: 7 hours ago
St. Petersburg police remove disabled adults from ‘deplorable’ assisted living facilities

St. Petersburg police remove disabled adults from ‘deplorable’ assisted living facilities

ST. PETERSBURG — Beef jerky, mayonnaise and Altoids mints were the only edible things in view inside one of the houses. There was no running water. The refrigerator was empty. A bed sat on top of the deteriorating living room floor. Cigarette butts b...
Published: 04/19/18
Updated: 04/20/18