BreachExchange mailing list archives
Lush hack let slip 5, 000 people's bank details (UK)
From: Jeffrey Walton <noloader () gmail com>
Date: Wed, 10 Aug 2011 19:15:49 -0400
http://www.zdnet.co.uk/news/security-threats/2011/08/10/lush-hack-let-slip-5000-peoples-bank-details-40093664/ Outsiders installed code on Lush's website that intercepted banking details — in what is known as a man-in-the-middle attack — between October 2010 and January 2011, the UK data-protection watchdog said on Wednesday. "Hackers attacked and put a bit of code on the Lush website to siphon off customer details," a spokesman for the Information Commissioner's Office (ICO) told ZDNet UK. "The code allowed the hackers to get information as people were putting [payment details] into the website." ... _______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Learn encryption strategies that manage risk and shore up compliance. Download Article 1 of CREDANT Technologies' The Essentials Series: Endpoint Data Encryption That Actually Works http://credant.com/campaigns/realtime2/gap-LP1/
Current thread:
- Lush hack let slip 5, 000 people's bank details (UK) Jeffrey Walton (Aug 11)