The transformation continues: https://krebsonsecurity.com/2017/05/credit-card-breach-at-kmart-stores-again/
18 replies (most recent on top)
@5vzv, Thank You.
Oh, and SHLD might as well finish pulling out of the Raleigh-Durham market. They're down to two atrocious K-Marts in Raleigh and a handful of Sears stores still in malls. I don't know why they haven't canned the two remaining K-Marts yet. Durham and every other city/town in the area lost all of their K-Marts by 2011.
@2wva Lenovo moved off that campus about a decade ago to multiple office parks in Morrisville, a few miles to the southeast. Toshiba's still using IBM office space though, AFAIK.
Source: I live in the area and have colleagues who work at Lenovo and IBM.
@2dsj, If I am correct both Toshiba and Lenovo are still based there.
Toshiba bought the IBM Pos business.
Lenovo bought the IBM ThinkPad side of the business.
Am I missing anything?
Toshiba's POS headquarters are still in IBM buildings at 3039 Cornwallis Road in Durham/RTP, NC.
Indeed, those machines are no longer supported. I'm guessing they likely buy off surplus units from other chains for spare parts. Really sad.
I am @1uur, I should have said "hardware requirements" not software. Brain fart sorry
@1tjx, To answer the other part of your question. IBM did sell its POS business to Toshiba but I am not sure where SHC is getting parts for the systems from since those systems are considered "legacy" systems and are no longer supported by IBM/Toshiba.
Anyone at a Sears FLS store can you please look to see what model IBM SurePos hardware Sears is running please.
It really depends on the software requirements. The updates that SHC is pushing on the Kmart systems really Boggs then down. Mind you I left in 2014 and I worked at a Kmart and it was bad then. I presume it has gotten worse. Since the systems are now 15-16 years old. In addition to that if the systems crash and the employees cannot strip parts from another register to keep it running then they will send a ncr tech out. The POS systems have been poorly maintained. They keep crashing due to lack of maintence/cost cutting/data center outages, Ect era.
I am speaking for the Kmart side,
This is a question for the Sears FLS/Grand/ and SHOS employees since SHOS are still on the legacy Sears systems. Are systems crashing just as bad at the Sears stores? Or are you guys having less problems than Kmart stores?
Kmart had a data breach of customer credit/debit cards ... possibly up to one hundred cards were effected!
fub-- just a question because I really don't know the answer. How hard is it to try to put modern software on an older system and hardware? And also, didn't SHC change vendors for the software or the system recently (from IBM to someone else or from someone else to IBM)?
I am looking for the article from NCR now.
Here are two articles to back up my rebuttal:
https://www-03.ibm.com/press/us/en/pressrelease/1384.wss
From IBM
Actually that is incorrect the IBM SurePos registers were rolled out and installed around the 2000-2002 time frame.
Before that Kmart was using a hodgepodge of POS systems. IBM 4683,Fujitsu,NCR.
In 2000-2002 they went to a unified pos system. I can find the article if you wish to read it.
The registers have been upgraded somewhat over the years,but they are the same registers that were installed prior to bar code scanning...early to mid 80's.Upgrades were just new parts when the old parts broke,like the motherboard.and a little bit of new software.
They still have a class action suit against them from the 2014 data breach. I called to ask what was going on and if they were offering free credit monitoring (like every other company that has been hacked) and I was told that management has not given any indication how large the breach was, but that no they would not offer credit monitoring, but it was between me and the credit card company.
@dcr https://media.giphy.com/media/z9AUvhAEiXOqA/giphy.gif
You need to look at this also. SHC has not invested anything in IT the registers Kmart are running were rolled out in 2000-2002 right before the bankruptcy.
The only thing new with those registers is the upgraded pin pad that is it.
So upgrading the pin pad does nothing if the back office system is not updated with the latest antivirus software.
If anyone on this board still works at the Troy data center please chime in. I just wanted to make sure I am not missing something.
It's ok, the data stolen did not include customer names, email addresses or other personal information, the data stolen was only access to all of your money. It's happened before. We know what to do. It's ok.