BreachExchange mailing list archives
Re: (update) eBay forum mysteriously leaks account details on 1, 200 users
From: "Avery Sawaba" <avery.sawaba () gmail com>
Date: Wed, 26 Sep 2007 14:06:11 -0400
CVV is definitely used online, or anywhere a merchant wants to reduce risk (and therefore the rate they are charged by their processor). The security code concept is supposed to be a greater guarantee that the person using a card has it in their physical possession, since the only place you are supposed to be able to find it is physically printed on the back of the card. Its purpose is very similar to that of a PIN number. The only time security codes are requested (or should be requested) is right before a transaction is processed. The codes are validated in real time. --Sawaba On 9/26/07, Cory Gould <corygould () gmail com> wrote:
Why would ebay have credit cards to begin with, unless paypal was breeched and the ebay discussion group used to spread the word. Also, correct me if I'm wrong but I don't believe paypal/ebay requests CVV2 information when signing up anyway. In fact, the only time I'm required to give out that information is when using a credit card over the phone, never online. On 9/26/07, Avery Sawaba <avery.sawaba () gmail com> wrote:On 9/26/07, Arsen Shirokov <1and1 () canadaballoons com> wrote:The fact that the data was posted on eBay forum doesn't necessarily mean it was stolen from eBay.Hence my disclaimer, "If this information is accurate". The fact that CVV2 data is included may help disprove their claim, as it is highly unlikely that someone like Ebay would be foolish enough to do so. --Sawaba _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tenable Network Security offers data leakage and compliance monitoring solutions for large and small networks. Scan your network and monitor your traffic to find the data needing protection before it leaks out! http://www.tenablesecurity.com/products/compliance.shtml
_______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tenable Network Security offers data leakage and compliance monitoring solutions for large and small networks. Scan your network and monitor your traffic to find the data needing protection before it leaks out! http://www.tenablesecurity.com/products/compliance.shtml
Current thread:
- (update) eBay forum mysteriously leaks account details on 1, 200 users lyger (Sep 25)
- Re: (update) eBay forum mysteriously leaks account details on 1, 200 users Avery Sawaba (Sep 25)
- Re: (update) eBay forum mysteriously leaks account details on 1, 200 users Arsen Shirokov (Sep 26)
- Re: (update) eBay forum mysteriously leaks account details on 1, 200 users Avery Sawaba (Sep 26)
- Re: (update) eBay forum mysteriously leaks account details on 1, 200 users Cory Gould (Sep 26)
- Re: (update) eBay forum mysteriously leaks account details on 1, 200 users Avery Sawaba (Sep 26)
- Re: (update) eBay forum mysteriously leaks account details on 1, 200 users Arsen Shirokov (Sep 26)
- Re: (update) eBay forum mysteriously leaks account details on 1, 200 users Avery Sawaba (Sep 25)