P2011-ND-041

In January 2011, the Organization installed a Point of Sale (POS) terminal in the cafeteria for credit card transactions and a second POS terminal was installed in March 2011. As a result of the remote location, the Organization does not have its own external networking infrastructure, but uses its client?s network at this particular remote site.

On July 20, 2011, a security scan of the external facing network discovered that
network share folders on the Organization’s computers held data about credit card transactions that had occurred that day. These computers were connected to the client?s external networking infrastructure. Although the folders were hidden, they could be located and accessed by users of the network and the internet.

File Type: pdf
File Size: 143 KB
Categories: 2011