Book excerpt: Bullseye Breach

With so many data breaches at major retailers in recent years, it is often hard to keep track of who has been hit by hackers lately. Inspired by recent events, IT veteran and author Greg Scott put together Bullseye Breach, a story about how Russians steal 40 million customer credit card numbers from a fictional Minneapolis retailer named Bullseye Stores.

Below is an excerpt from the book.

"Hi. This is Special Agent Connor Duncan with the FBI in Minneapolis and I need to speak to Daniel Berger right now, please."

Evelyn seemed ready for this. "Mr. Berger's unavailable at the moment. Is there something I can do to help you?"

"Probably not. Somebody's using your store to steal credit cards on a massive scale. I need to talk to your CEO right now about that."

"Sir, before we go any further, please know that this call is being recorded and we prosecute prank calls." Connor detected an edge to Evelyn's voice. This was to be expected--this was not a run of the mill customer call.

"Evelyn, I need you to put away your flowchart and connect me to a manager. Right now. I won't ask again."

"Please hold."

After a few minutes, a manager named Glen came on the line. "Um, Special Agent Duncan is it? How may I help you? And do you know how many calls we get every day that say they're with the FBI?"

"I don't care how many calls you get. As I just told Evelyn, somebody's using your store to steal credit cards on a massive scale. I need to talk to your boss's boss's boss right now."

"I'm sorry, sir, but we can't do that."

"You can't or you won't?"

"We don't have a direct line with Mr. Berger's office."

"He has a phone, doesn't he?"

"I'm sure he does, but we can't send callers right to him. That's why Bullseye operates this call center."

"Okay, fine. I just told you somebody's using your store to steal credit-card numbers on a massive scale. Now what are you going to do about it? I suggest you shut down all your credit-card operations right now."

There was silence on the phone for about five seconds.

"Um, sir, I don't know who you are, but this is not funny."

"No, it definitely is not funny. I told you who I am and I told you what needs to happen. If you can't call your CEO, maybe there's a manager above you who can."

"Our call center is in North Dakota. That's why we don't know how to call Mr. Berger."

"Uff-da!" said Connor, and he promptly hung up. "What a waste of time. I'll call their PR person. At least they'll be at corporate headquarters and not out in the middle of nowhere. Here it is, Brittany Chatsworth."

He dialed and someone picked up on the third ring. "That's more like it."

"Brittany Chatsworth, Corporate Communications. How may I help you?"

"I'm Special Agent Connor Duncan. I'm with the Minneapolis FBI office and I specialize in financial crime. I need to talk to your boss right now, because we have reason to believe your company's in the middle of an international credit-card racket. Every time one of your customers swipes a credit card, the number goes over to Russia and pops up again locally in the form of bogus plastic."

"Oh, my."

"Yep, oh my. I have messages from seven major banks so far today. They've all found new batches of credit cards up for sale from somebody in Russia. All those credit cards have only one thing in common--they were all used at your store. Recently. Like after Black Friday."

"My gosh."

"And by golly! So what are we going to do about this, Ms. Chatsworth?"

"Agent Duncan, I'm sure we're not a party to some fraud ring, and I know our computer security is the finest in the world."

"I'm sure it is, Ms. Chatsworth, but if I don't get through to a decision-maker quickly, I have an emergency warrant in my hand to shut you down. All it needs is a signature from any pissed-off federal judge who shopped at your store last week. Give me your fax number and I'll send you a copy."

"Agent Duncan!"

"Let's start over. Ms. Chatsworth, ma'am, I need to speak with Mr. Daniel Berger please. It's urgent."

"I'm sorry, but he truly is unavailable. He's out of the country at some very important meetings."

"And I'm sure he's enjoying himself. In that case, may I please speak to the person in charge of all your technology? Please? Ma'am?"

"Why certainly, that's an excellent idea. That would be Liz Isaacs. She's our CIO. She gets out of her executive council meeting in a little over an hour."

"Ms. Chatsworth, I'm only a fifteen-minute walk from your lobby. But I have a message from my boss in Quantico about Federal Judge Marvin Thornton, right here in Minneapolis. Apparently he has a problem with a credit card. As long as I'm waiting, should I stop at the Federal Building on the way to your lobby and tell him where his problem started?"

"Agent Duncan!"

"While we were talking, the Russians stole about a thousand more card numbers from your customers. What's it gonna be?"

Join the CSO newsletter!

Error: Please check your email address.

Tags Bullsecuritydata breachfbi

More about BullseyeFBIgosh

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Greg Scott

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts