News breaking today that a new batch of stolen card numbers made available for sale all have something in common – all have been used recently for Book2Park.com reservations. This makes it likely that this was the source of the card data theft.
Sure enough, Brian Krebs has been researching this further and has had confirmation from the owner of Book2Park.com that “a technology firm the company contracts with did recently discover and remove malicious files that were somehow planted on Book2park’s Web server”
Krebs suggests that it is likely that the same gang that successfully breached Home Depot and Target are responsible for this hack given the common themes involved – the same outlet has been used to sell on card numbers. Further evidence links these breaches to the previously reported card data thefts at OneStopParking.com and Park ‘N’ Fly, who also reported malware had been found on their bookings web server.
File Integrity Monitoring provides a breach detection safety-net, offering continuous protection against malware for any web application and its supporting server platform.