Safeway shoppers hit by email hoax

[William Knowles <wk () C4I ORG>]

http://news.cnet.com/news/0-1005-200-2511703.html?tag=st.ne.1002.lthd.1005-200-2511703

By Reuters
Special to CNET News.com
August 13, 2000, 9:15 a.m. PT

LONDON -- Safeway has become the latest company to suffer an Internet
security breach when customers were sent an email appearing to come
from the supermarket chain advising them to shop elsewhere.

Up to 1,000 customers telephoned to complain yesterday after a hacker
appeared to have accessed a Safeway database containing details on
25,000 shoppers, The Sunday Times reported.

The hoax email--signed "from the Safeway team" and headed with the
company's email address--announced a 25 percent price increase and
told customers that if they were unhappy they should shop at rivals
Tesco or Sainsbury, the newspaper said.

"The message does seem to have been sent out by our own computer
system and we're trying to track the source," a Safeway spokesman told
the newspaper. "We are investigating whether the computers may have
been hacked from outside or whether there may be an internal source."

The email is the latest incident to expose Internet security failures
in Britain. Last month Barclays was forced to shut down its online
banking service when it discovered that some customers were getting
access to other accounts. Electricity company PowerGen admitted last
month that the credit and debit card details of thousands of customers
may have been accessed by an unauthorized user.


*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".