Montgomery law firm says retailer security breach 'tip of the ic - WLOX.com - The News for South Mississippi

Montgomery law firm says retailer security breach 'tip of the iceberg'

Posted: Updated:
MONTGOMERY, AL (WSFA) -

It may be just the beginning - experts warn the massive security breach at Target may impact more stores. Not only were other retailers likely hacked, the information that was stolen continues to make its way into the wrong hands.

A police chief in South Texas says it looks like the account information stolen from Target last month is being divided up and sold off regionally. The McAllen, Texas police chief made the comment following the arrest of two Mexican citizens who arrived at the border with 96 phony credit cards. He says the pair used the cards to buy tens of thousands of dollars worth of merchandise at area stores, including Best Buy, Wal-Mart and Toys R Us.

A federal official later discounted the police chief's statements saying there is no connection between the arrests and the retailer's credit card data theft.  Texas police and federal agents are working together to determine how the men got the information to make the fake cards.

Target was first - a cyber attack that compromised the credit card numbers and other personal information of up to 110 million customers.

Then, Neiman Marcus admitted that its data systems had been hacked.

Now, a new report from the cyber watch group IntelCrawler suggests at least six more retailers have yet to tell customers they've been breached with the same malware attacking their online credit card processing.

"Once it's identified, then the security community can rally around it and put controls in place. But the problem is, the hackers know that. So they manipulate or mutate this malware, and then re-use it," said Ken Stasiak, CEO of SecureState. "it was put up on the internet for download for other hackers to then take, and potentially use it for malicious harm. And that's what we believe happened to Target as well as Neiman Marcus.

Jere Beasley, whose Montgomery law firm has filed two class action lawsuits against Target, says it's just the beginning.

"I don't think we've seen the end of this. In fact, I think we've really only seen the tip of the iceberg. We believe that there will be other huge retailers. The losers here are the American people, the consumers," Beasley said.

Beasley says legislation introduced in the U.S. Senate this week appears to provide consumer protections in the event of security breaches like the recent Target data theft, but actually undermines their right to justice through the court system. The Data Security Act of 2014 was introduced Jan. 15 by Sens. Tom Carper (D.-Del.) and Roy Blount (R-Mo.).

"This legislation is designed, really, to hurt consumers. It prohibits, for example, private lawsuits. It prohibits class actions. It says you cannot sue under state law, even though the credit card companies and the hackers and everybody else may be violating state law. This act says specifically that you- a victim- cannot file a lawsuit under state law and that is absolutely mind boggling," Beasley told WSFA. "When you consider that you have a monumental, devastating problem facing the American people, anybody who has a credit card, and to put legislation into the hopper that protects the very people who are the wrong-doers makes no sense."

The bill would establish a national standard for data breach notification, and require American businesses that collect and store consumers' sensitive personal information to safeguard that information from cyber threats. While that sounds reasonable, the bill actually protects the retailers, Beasley said.

If a huge retailer complies with the Act it would be immune from liability for any wrongdoing. It also appears that banks, card companies and other financial institutions are not covered by the act, the law firm said in a press release.

"The Federal Trade Commission and Congress have a direct responsibility to change our system and until they do, we're open season in this country,"  he added.

A cyber security firm who identified a Russian teen as the one responsible for the malware used in the security breaches has released an updated report saying another author crafted the code, through the firm still accused the teen of playing a role in the breach.

The teen has fought back against the accusations in different Russian media outlets, saying he does not have the education needed to create the virus and that he only writes code for personal use.

Copyright 2014 WSFA 12 News.  All rights reserved.

  • Most Popular StoriesMost Popular StoriesMore>>

  • Dismembered human corpse identified, suspected killer in jail

    Dismembered human corpse identified, suspected killer in jail

    Tuesday, September 16 2014 6:10 AM EDT2014-09-16 10:10:09 GMT
    (WMC) - Investigators have identified the man whose head they found inside a black garbage bag after police believe he'd likely been dead for more than a week. Police say the victim has been identifiedMore >>
    Investigators have identified the man whose head they found inside a black garbage bag after police believe he'd likely been dead for more than a week.More >>
  • Ocean Springs mom warning parents about app

    Ocean Springs mom warning parents about app

    Tuesday, September 16 2014 10:00 AM EDT2014-09-16 14:00:09 GMT
    An Ocean Springs mom is sending a warning to South Mississippi parents. Katrina Johnson wants every parent to be aware of an app that she says is being used by many students to spread hate.More >>
    An Ocean Springs mom is sending a warning to South Mississippi parents. Katrina Johnson wants every parent to be aware of an app that she says is being used by many students to spread hate. Johnson discovered the posts last week, and she says what she read would make parents cringe.More >>
  • 'Party mansion' owner convicted of tax and healthcare fraud

    'Party mansion' owner convicted of tax and healthcare fraud

    Friday, September 12 2014 12:38 PM EDT2014-09-12 16:38:35 GMT
    File photoFile photo
    A former Raleigh resident, known for the wild parties held at his “party mansion” in North Raleigh, was sentenced to more than 10 years in prison for tax fraud, healthcare fraud and money laundering crimes, according to a United States Department of Justice release.More >>
    A former Raleigh resident, known for the wild parties held at his “party mansion” in North Raleigh, was sentenced to more than 10 years in prison for tax fraud, healthcare fraud and money laundering crimes, according to a United States Department of Justice release.More >>
Powered by WorldNow

208 DeBuys Road
Biloxi, MS 39531
(228) 896-1313

FCC Public File
EEO Report
Closed Captioning

All content © Copyright 2000 - 2014 Worldnow and WLOX. All Rights Reserved.
For more information on this site, please read our Privacy Policy and Terms of Service.