TJX pwned via wifi

"A wireless network that employed less protection than many people use on their
home systems appears to be the weak link that led TJX Companies, the US-based
retailing empire, to preside over the world’s biggest known theft of credit-card
numbers.

Despite a market capitalization of almost $13bn, it appears the
company couldn’t afford to secure its Wi-Fi network with anything more robust
than the woefully inadequate Wired Equivalent Privacy protocol. (The much more
secure Wi-Fi Protected Access has come standard on most routers for four years
now.) It also failed to use firewalls or install software patches and
disregarded requirements imposed by Visa and MasterCard concerning how card
information is stored and transmitted.

According to a front-page article
in today’s Wall Street Journal, the nonfeasance allowed hackers to use a simple
telescope-shaped antenna and a laptop to intercept data flowing through a Wi-Fi
network used at a Marshalls discount clothing store near St. Paul,
Minnesota."

Article Link: http://www.theregister.co.uk/2007/05/04/txj_nonfeasance/