Darren Pauli reports:
An Eastern European crime syndicate has hacked into a small Australian business and stolen details of half a million credit cards from the company’s network.
It was suspected the attack could result in more than $25 million in fraudulent transactions.
The Australian Federal Police, together with foreign national law enforcement agencies, are preparing to raid an unknown number of syndicate members to prosecute them.
Marden would not name citing the affected business due to an ongoing criminal investigation, but it is understood it operated a highly vulnerable network from which the 500,000 credit cards were stolen.
Its network was protected with default passwords and carried both benign and unsecured transactional data. The company had left RDP activated so it could monitor stocks.
“The network was setup by some local suppliers who didn’t understand IT security,” Marden said.
“It was a disaster waiting to happen.
Read more on CRN.