BreachExchange mailing list archives
Cooks Illustrated magazine has a security problem
From: security curmudgeon <jericho () attrition org>
Date: Fri, 10 Feb 2006 23:35:02 -0500 (EST)
---------- Forwarded message ---------- From: Richard M. Smith <rms () bsf-llc com> Date: Fri, 10 Feb 2006 23:18:21 -0500 http://www.cooksillustrated.com/webfaqs/ What happened to your website? On January 30, 2006, we determined that a file was deleted from the "back office" part of our site. We do not know how, or by who, this file was deleted, but because we keep sensitive personal information about our website members on our servers, for security reasons we took all of our sites down immediately. Since February 3rd, our sites have been back up and running, although some limited functionality for website members has not yet been restored. Was any of my personal information compromised? As soon as we discovered that a file had been deleted from our website server, we immediately investigated the cause of this problem. Our investigation has been unable to determine how, why, or by whom the files were deleted. Although we do not have conclusive evidence that the file deletion was the work of an intruder, it is possible that an individual gained unauthorized access to our computers. The deleted file did not contain any credit card information. However, given the possibility that someone did gain unauthorized access to our system, we are notifying all website members that their credit card information may have been unlawfully accessed, and providing recommended steps that members should take to protect themselves from credit card fraud and identity theft. Why did you not contact me before now? As soon as we determined that a file had been deleted from our Internet server, we shut down our websites and disconnected our server from the Internet. At the time that our websites were brought back up, we posted messages on our website homepages describing why our site was down and that we were investigating the cause of the file deletion. As our investigation has ended without conclusive information as to how the file was deleted or whether an individual gained unlawful access to sensitive personal information, we are now contacting all website members with our findings and steps that they should take in case their sensitive personal information was, in fact, unlawfully accessed. _______________________________________________ Dataloss mailing list Dataloss () attrition org https://attrition.org/mailman/listinfo/dataloss
Current thread:
- Cooks Illustrated magazine has a security problem security curmudgeon (Feb 10)