Hardware Giant LaCie Acknowledges Year-Long Credit Card Breach

[InfoSec News <alerts () infosecnews org>]

http://krebsonsecurity.com/2014/04/hardware-giant-lacie-acknowledges-year-long-credit-card-breach/

By Brian Krebs
Krebs on Security
April 15, 2014

Computer hard drive maker LaCie has acknowledged that a hacker break-in at 
its online store exposed credit card numbers and contact information on 
customers for the better part of the past year. The disclosure comes 
almost a month after the breach was first disclosed by KrebsOnSecurity.

On Mar. 17, 2014, this blog published evidence showing that the Web 
storefront for French hardware giant LaCie (now owned by Seagate) had been 
compromised by a group of hackers that broke into dozens of online stores 
using security vulnerabilities in Adobe’s ColdFusion software. In 
response, Seagate said it had engaged third-party security firms and that 
its investigation was ongoing, but that it had found no indication that 
any customer data was compromised.

In a statement sent to this reporter on Monday, however, Seagate allowed 
that its investigation had indeed uncovered a serious breach. Seagate 
spokesman Clive J. Over said the breach may have exposed credit card 
transactions and customer information for nearly a year beginning March 
27, 2013. From his email:

[...]

--
Subscribe to InfoSec News
http://www.infosecnews.org/subscribe-to-infosec-news/