VA: Voxant Breach

[d2d <d2d () attrition org>]

Courtesy the Granite State (http://doj.nh.gov/consumer/pdf/Voxant.pdf)

The Voxant online ecommerce store server was hacked on or about June 20, 
2007 using what appeared to be a typical phishing scheme.  The server is 
seperate from our primary business at www.voxant.com.  We immediately took 
the affected server offline, removed the offending phising pages, ...

...encrypted credit card numbers could have been accessed in our ecommerce 
system during the original incident.  Although the credit card numbers 
were encrypted, we found that the encryption key was not well protected...

...Data in our database up through June 19-20 could have been affected, 
representing approximately 4,500 US customers...


_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml