Internet Law
Wal-Mart Was Among Major Retailers Targeted in ‘05-‘06 Hack Attacks
Posted Oct 13, 2009, 10:48 am CST
By Martha Neil
Although it appears that no sensitive consumer data may have been stolen, Wal-Mart was among the major companies attacked by computer hackers in 2005 and 2006.
Only a fortuitous server crash may have saved the giant retailer from joining the ranks of TJX, Dave & Buster’s and other companies, which had some 100 million accounts compromised all told, reports the Threat Level blog of Wired magazine. As in other such attacks, the would-be Wal-Mart hackers targeted point-of-sale computerized transactions at retail outlets, but the incidents seem to be unrelated.
After the November 2006 crash, Wal-Mart administrators discovered a L0phtcrack password-cracking tool had been secretly installed on one of its servers, causing it to go down. Investigators traced the password tool to a virtual private network account that had been compromised. The VPN account led to a computer in Minsk, Belarus.
Wal-Mart has since enhanced its security, as the company had planned even before the hack attack. The company wasn't required to make the hack attack public because it wasn't clear that any consumer data had been compromised, Threat Level reports.