Payments Processor TSYS Ransomware Attack – Expert Comment

Brian Krebs today reported that payment card processing giant TSYS suffered a ransomware attack earlier this month. The data stolen from the company have been posted online and attackers plan to publish more data in the coming days. 

Subscribe
Notify of
guest

1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Mark Bower
Mark Bower , Senior Vice President
InfoSec Expert
December 11, 2020 4:42 pm

Data processors and payment organizations at the heart of entire industries are always on the radar of attackers. The high volumes of third-party data make them very attractive – both for the data they handle themselves and the data they have been entrusted with. Historically, they have also been entities where an attack to the administrative side has led to subsequent and secondary breaches of core processing platforms from attackers using data in emails, files, and databases.

While so far, the good news is the core processing systems have not been impacted, likely from a modern data-centric approach to protecting it that’s common in leading payment processors, the bottom line is that this sends a clear reminder to any organization in the scaled data collection and processing business to ensure data security is implemented end-to-end, or made a top priority for the next year as we collect, store and process more sensitive data than ever.

Privacy and security regulations are clearly motivation, but having gigabytes of sensitive data leaked can quickly morph into an uncontainable nightmare with equally uncontained cost impact without it.

Last edited 1 year ago by Mark Bower
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x