C&K apologizes for unauthorized access that led to Goodwill breach
September 17, 2014
The web hosting service apologized Monday for the “intermittent” unauthorized access to its hosted environment over an 18-month period that likely led to the data breach incurred by Goodwill Industries International.
C&K Systems, Inc. noted that once an independent security analyst informed the company on July 30 of the unauthorized access, it called in “an independent cyber investigative team.” By working with that team, C&K was “able to catch up and stop the threat,” which it called a “highly specialized Point of Sale [(POS)infostealer.rawpos] malware variant” that went undetected by the company's security software systems until Sept. 5.
The investigation showed that three of its customers, including Goodwill, were affected, and all were notified immediately with “steps taken to eliminate the threat.” C&K said that while “many payment cards may have been compromised” fewer than 25 have been used fraudulently.
It is common for security teams to forget that chats and email accounts that live on breached networks will no longer be secure, a variety of breach responders, negotiators, and preparation consultants told SC Media.