In early 2012 a group of 3 hackers were caught when a mainframe at Logica was no longer running as expected. This was the first warning that hackers had penetrated the once unpenetrable IBM mainframe z/OS. Through some simple and some ungodly technical hacks the attackers were able to gain shell access to the mainframe, harvest accounts and got access to some very private data. The mainframe that was breached was responsible for Swedish police, banks, SPAR (SSN equivalent), Infortorg etc. SoF was able to obtain the detailed investigation to the attack and some extras that weren’t in the report. This talk will go over how the attack when down, what was successful and what wasn’t, how they were caught and investigated and tools that exist today (which didn’t exist at the time of the attack) to perform the same type of pentest on your mainframes. If you learn anything from this talk it will be just how unsecure these mainframes really are when in the wrong hands.