Details have emerged of three new breaches affecting Big Fish Games' website, Jefferson National Park Association's gift shop POS systems and a spear-phishing attack targeting employees of State of Franklin Healthcare Associates. NNT provide more details of what and how happened, and how other organizations can protect themselves.


Big Fish Games have reported this week that they self-discovered an incident on January 12, 2015, which involved the theft of payment card and Personal Identifiable Information from their website. Customers affected made purchases between December 24, 2014, and January 8, 2015.

Their letter to affected customers goes on to state that the malware has been removed and they have taken steps to prevent a reinstallation.

It isn’t clear at this stage how the malware infection was instigated or whether there is any other link to previous eCommerce/Web retailer sites such as, Park ‘N Fly, and reported previously. breach details here 

Park ’N Fly and breaches detailed here


Jefferson National Parks Association issued a press release last week reporting that malware had been discovered on POS systems at the Levee Mercantile and Museum Store gift shops.

The malware has been in place since August 2014 and the source was eventually identified as JNPA in December. Correlation of fraudulent transactions is used by payment card brands and providers to identify a common factor to all. This allows the breach source to be pinpointed and action was taken, but it always takes time for victims to notify their bank of suspicious transactions, by which time the card data theft has already been running for months.

2014 saw numerous high-profile POS malware attacks resulting in card data theft, including the recently reported Marriott Hotel breach, Chick-Fil-A, and Staples, leading to renewed focus on PCI DSS requirements for system hardening and File Integrity Monitoring

Suspected POS breach at Chick-fil-A: Did the PCI DSS fail?

The Jefferson National parks Association press release is here


Finally, Employees at State of Franklin Healthcare Associates have been targeted in a spear phishing scam. The cyber attack intent was to elicit social security numbers and personal identifiable information. In turn, this information would then be used to file fake tax returns and claim refunds. Why this particular organization’s employees were targeted is unclear but it is well-known that the more targeted and personalized a phishing attack is (at which point it becomes classed as Spear Phishing), the more likely it is to bear fruit. For our notes on phishing attack protection see  our article ‘Batten down the hatches! Looking at ways to enhance protection against ransomware, APTs and other phishing malware’

The original State of Franklin Healthcare Associates attack report is here 

NNT Suite of Products

change tracker gen7r2 logo

Combine industry leading Device Hardening, File Integrity Monitoring, Change Control, Configuration Management & Compliance Management into one easy to use solution that can scale to the most demanding environments!

fastcloud logo

Automatically evaluate and verify the authenticity of file changes in real-time with NNT FAST™ (File Approved-Safe Technology) Integrity Assurance.

log tracker logo logo

Comprehensive and easy to use security information & event log management with intelligent & self-learning correlation technology to highlight potentially harmful activity in seconds.

vulnerability tracker logo

Continuously scan and identify vulnerabilities with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and mobile endpoints.

USA Offices
New Net Technologies LLC
Suite #10115, 9128 Strada Place
Naples, Florida, 34108
1175 Peachtree St NE
Atlanta, Georgia, 30361.
4145 SW Watson, Suite 350
Beaverton, Oregon, 97005.

Tel: (844) 898-8358
email [email protected]
UK Office
New Net Technologies Ltd
Rivers Lodge, West Common
Harpenden, Hertfordshire

Tel: 01582 287310
email [email protected]
CIS benchmarking SEWP Cybersecurity 500Sans Institute Now Certified IBM Security
Copyright 2019, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.