Or, if you bought at DQ using a credit card…well, if you use Yahoo…or bank at JPMorgan Chase: bad news. All have been breached. Yahoo, for instance still has some servers vulnerable to the Shellshock bug. You have to wonder about their IT Dep’t.’s thoroughness.

In the case of KMart, it’s not yet clear what has been taken. With KMart, it’s not just credit card but also debit card info which were the target of the attack.

You’d best be alert and be in contact with your bank and credit card company to verify there’s been no unusual activity on your account.

Best advice: Order a new card.

The Password/PIN Age might well be coming to an end, though. The most likely culprit for the weakness in the system is the Shellshock bug. A good layman’s explanation of this weakness can be found here: Neowin. The other big weakness is the Heartbleed bug vulnerability, which also ‘bleeds’ information at login. Although some fixes exist for this at a superficial level, and most all sites are fixed, having and using a browser extension to reveal any vulnerability is a good idea if your account at the site has any important personal data attached.

The likely replacements for the password/PIN system is biometric (although this system has cons as well as pros). Fingerprint/retina imaging will likely be the replacement for the antiquated and vulnerable current system.

If you're interested in learning more about biometric alternatives which will probably be coming to 'smart' devices, take a peek here: http://www.cnn.com/2014/04/04/tech/innovation/5-biometrics-future/index.html?sr=tw040714biometricpw330pStory

An Easter Egg for you...although off topic slightly, if you're interested in browser security testing for Chrome, before installing them take a peek at this article: http://www.ghacks.net/2014/10/05/precautions-to-take-before-installing-chrome-extensions/?_m=3n%2e0038%2e1387%2ehj0ao01hy5%2e1fp5

Source:

http://www.neowin.net/news/attention-kmart-shoppers-your-credit-card-may-be-compromised