Heartland

The hackers used SQL injection, the most commonly exploited vulnerability to hacking the systems of Payment processing company Heartland’s system.

The intruders managed to bypass various antivirus packages and stole sensitive customer payment data from the firm.

The attack caused about $200 million to the firm.

Source: https://www.securitymagazine.com/articles/94114-notorious-cybersecurity-attacks-in-history-and-how-to-prevent-them

TPRM report: https://scoringcyber.rankiteo.com/company/heartland-payment-systems

"id": "hea214823222",
"linkid": "heartland-payment-systems",
"type": "Vulnerability",
"date": "01/2008",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'industry': 'Payment Processing',
                        'name': 'Heartland Payment Systems',
                        'type': 'Company'}],
 'attack_vector': 'SQL Injection',
 'data_breach': {'data_exfiltration': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'Customer Payment Data'},
 'description': 'Hackers used SQL injection to breach Heartland Payment '
                'Systems, bypassing antivirus protections and stealing '
                'sensitive customer payment data, resulting in a financial '
                'loss of $200 million.',
 'impact': {'data_compromised': 'Customer Payment Data',
            'financial_loss': '$200 million',
            'payment_information_risk': 'High'},
 'initial_access_broker': {'entry_point': 'SQL Injection'},
 'motivation': 'Financial Gain',
 'post_incident_analysis': {'root_causes': 'SQL Injection Vulnerability'},
 'title': 'Heartland Payment Systems Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'SQL Injection'}