baddog, props for full disclosure.
Quote:
Originally Posted by Just Alex
And why are they keeping CC numbers on their server? Aren't they supposed to keep those with their merchant?
|
Or an a firewalled INTRANET machine with a trap door. Baddog, we may be able to assist your people with setting this up a in way that is both secure and convenient to use. One major trick is to FEDERATE the database to the CC module, except for the CC table. In that way, the billing module sees the whole database and the support module sees everything but the CC table. That is, the internal server can see the part of the database that's on the web server, but the public web server can't see the sensitive data, it's a one way door.
Your brief post also indicated at least one other specific vulnerability, with a specific fix that should be done. I won't post details here.
Sure there was a social engineering component, and there were a couple of architecture problems that turned that attack into something much more serious than it should have been. ONLY tickets should have been exposed by a successful attack, not login passwords, CC info, etc. You don't need to, and aren't supposed to by PCI, store ANY track information on a public web server.