Walmart is one of the largest and most prolific big-box stores in the United States. As such, it has been a frequent and favorite target of modern hackers seeking to obtain customer information, including banking card account numbers. In 2009, confirmation was released of security breaches that occurred in 2005 and 2006, during which sensitive code and store data was stolen.
The Facts of the Breach
In October of 2009, several news sites carried stories outlining a wave of cyberattacks that targeted Walmart in 2005 and 2006. During these attacks, large portions of Walmart’s point-of-sale code were transmitted from the company to a computer located in Eastern Europe. The attack was traced back to a Nortel VPN connection that was instigated by an ex-Walmart employee in Canada, whose account was never properly shut down by IT services. However, the breach itself was not noticed until 17 months later, when an attempt by the hackers to secretly install a password-cracking tool in the company’s system caused the entire system to glitch and shut down; subsequent repair attempts discovered the breach.
After the discovery, Walmart maintained that no “customer or associate data was compromised.” This claim appears to be supported by the fact that no widespread fraud ever occurred with Walmart purchases as a common denominator, but worry still persists regarding the 17 months during which several failed access attempts were logged but not addressed. Additionally, customers and investors worry about the fact that the breach was not detected via intentional monitoring or logging, but rather “stumbled across” by accident, highlighting the need for more aggressive monitoring and security measures.
At Nextrio, we are dedicated to helping you address today’s IT security concerns to protect your company and your clients. Our experienced team offers networking solutions that include managed IT, cloud services, and user training. You can learn more about us and the customizable solutions we offer when you click through our website or give us a call at (520) 545-7100.
This article is part of our ongoing series, WORLD FAMOUS SECURITY BREACHES!