Main Street retailers in hacker crosshairs

Along a crowded stretch of highway just south of Miami's downtown is a shopping area that might be called the data theft capital of the United States.

In the wireless hacker equivalent of a drive-by shooting wave, criminals obtained the cardholder information of tens of thousands of customers at four major stores there, including a DSW Shoes retail outlet that appears to have been the initial source of a chainwide data breach.

Recent investigations reveal that the thieves singled out stores with strong wireless signals and weakly protected data. While their exact methods are not known, they could have parked a car outside a store or set up in the local Starbucks, using a laptop computer outfitted with an off-the-shelf wireless receiver. They may have even received help from Web sites listing the geographic coordinates of easy-to-target stores.

From there, it would be easy to pick up signals being broadcast around the store and use them to gain access to its computer systems. For more than a month, the hackers "robbed" the same shops again and again of premium card account numbers stored in their databases.

Then, after security upgrades were announced or investigators showed up on site, the data thieves moved on--to another shop they had already staked out on the same side of the street.

read the rest here: