Network Solutions Hack Compromises 573, 000 Credit, Debit Accounts

[security curmudgeon <jericho () attrition org>]

http://voices.washingtonpost.com/securityfix/2009/07/network_solutions_hack_comprom.html

Network Solutions Hack Compromises 573,000 Credit, Debit Accounts
By Brian Krebs  |  July 24, 2009; 5:20 PM ET

Network Solutions Hack Compromises 573,000 Credit, Debit Accounts

Hackers have broken into Web servers owned by domain registrar and hosting 
provider Network Solutions, planting rogue code that resulted in the 
compromise of more than 573,000 debit and credit card accounts over the 
past three months, Security Fix has learned.

Herndon, Va. based Network Solutions discovered in early June that 
attackers had hacked into Web servers the company uses to provide 
e-commerce services - a package that includes everything from Web hosting 
to payment processing -- to at least 4,343 customers, mostly mom-and-pop 
online stores. The malicious code left behind by the attackers allowed 
them to intercept personal and financial information for customers who 
purchased from those stores, Network Solutions spokeswoman Susan Wade 
said.

Wade said the company is working with federal law enforcement and a 
commercial data breach forensics team to determine the cause and source of 
the break-in. The payment data stolen was captured from transactions made 
between March 12, 2009 and June 8, 2009.

[..]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php