Cybersecurity Forum

This forum is for all security enthusiasts to discuss Fortinet's latest & evolving technologies and to connect & network with peers in the cybersecurity hemisphere. Share and learn on a broad range of topics like best practices, use cases, integrations and more. For support specific questions/resources, please visit the Support Forum or the Knowledge Base.

dfinger_FTNT
Staff
Staff

CVS confirms data breach at photo site this summer

"While the investigation is ongoing, the results to date suggest that an unauthorized party entered PNI’s systems and was able to deploy malware designed to capture user input on PNI’s servers that support some of its customers’ websites,” said Kirk Saville, a Staples spokesman.

A few items to note:

1) once again, a smaller 3rd party was the source of a breach.  don't overlook the security of your partners/providers.

2) although email has been the entry point of choice for many high profile breaches, in this case it appears to have been the (web) servers.  don't lose sight of the importance of securing this vector.

3) a breach can happen to anyone.  make sure you have detection and response tools and processes in place.

For more on this incident- https://www.bostonglobe.com/business/2015/09/11/cvs-confirms-data-breach-photo-site-this-summer/xc7m...

For more on ways Fortinet can help- http://www.fortinet.com/solutions/advanced-threat-protection.html

0 REPLIES 0
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.