7/11/2016 Weekly News: Wendy's Breach Much Larger than Initially Believed

Welcome back to Astria Horizon for more security news from across the web. This week I'd especially like to call your attention to the article on the hacking of several Wendy's locations, including many that our customers in New Mexico may have been affected by. This breach was much larger than initially thought, and saw the theft of credit card data from customers for over half a year. In the article summary I have also included a link so you can see if any of the stores you may have visited were affected.

1. CSO Online, "Wendy's hack was bigger than thought and exposed credit card data."

In some unfortunate news about data breaches, it was found that the fast-food chain Wendy's hack was much larger than believed initially. While Wendy's believed less than 300 of its locations were affected, it was recently discovered that over 1000 of the franchised stores were affected by this breach. Many of these stores are located in Astria's home state of New Mexico, including many locations in Albuquerque and in Gallup. Wendy's has provided a list of affected locations which can be found here.

The locations affected had a targeted form of malware on their point-of-sale systems that specifically stole all credit card info, including the card  number, card-holder's name, expiration date, and even the verification code. This information was then believed to be sent out by the malware to the criminals who installed it. If you've eaten at Wendy's in the past year, it is highly advised that you view the list and check if your store was affected, and if it was, contact your credit card provider immediately for a replacement.

2. Watchguard Security Center, "Fitbits Hack ATMs?"

This short video from Watchguard shows the capabilities of Fitbits, the accuracy of their data, and how cyber-criminals could use these in the future. Corey Nachreiner discusses how security researchers found that using the motion data found on an average Fitbit device could allow them to detect which buttons the user pressed on an ATM's pin pad, essentially allowing the criminal to learn your pin. If the criminal also had a skimmer in place on that particular ATM, he would have access to both your card number and your pin, which of course would allow him to more easily make fraudulent purchases with your card.

While the concept was certainly interesting and had considerable accuracy, Nachreiner points out a few flaws with an attack of this type in his video. The most basic of issues is that as Fitbits and other fitness trackers are usually worn like a watch, they are rarely worn on your dominant hand. That means, the hand with the Fitbit is not likely to also be the hand you use to enter your pin, and so would not give the required motion data to any criminals. In spite of this and other issues he mentions in attacking Fitbits and similar devices, it is an interesting case study at the very least, and shows how criminals could benefit from the accuracy of the data collected by wearable devices.

3. Security Week, "Thousands of Websites Compromised to Spread CryptXXX Ransomware."

One of the newer forms of ransomware, CryptXXX, has come up with a new attack method. This article from Security Week discusses how at least 2000 different legitimate websites have been compromised, and now redirect visitors to download the ransomware. It seems that most of these have been running old and outdated forms of WordPress and Joomla! on their websites, as well as some outdated and vulnerable plug-ins. This allowed the hackers to break in to their websites, and redirect their viewers into accidentally downloading their ransomware.

The biggest thing to note here is that if you use a content management system (CMS) for your website like Joomla! or WordPress, it is vitally important to keep it updated. Hackers benefit greatly from taking over legitimate websites as it allows them to infect systems they otherwise would be unable to reach, making them a great target. And when CMS services are updated, it is often to patch vulnerabilities that cyber-criminals already know of. So leaving your CMS website un-updated often leaves it exposed attacks just like these, which hurt not only your business, but any customers or potential customers that may visit your website.


That's all for this week, check back next week for more news on Information Security. And if you want more information on how Astria Business Solutions can assist you in meeting your business' information security goals, visit our website at AstriaBiz.com