BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Hackers steal Co-op patrons' personal information

From: security curmudgeon <jericho () attrition org>
Date: Mon, 31 Jan 2011 01:20:16 -0600 (CST)

---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.dailycampus.com/news/hackers-steal-co-op-patrons-personal-information-1.1949423

By John Sherman
The Daily Campus
January 30, 2011

Falling victim to digital maliciousness, HuskyDirect.com was hacked early 
last week, leaving credit card numbers and other customer information up 
for the hacker's grabs.

HuskyDirect.com is an official vendor of UConn sports goods that works in 
cooperation with the UConn Co-op. The site has been taken down, citing on 
its homepage that it is "undergoing crucial maintenance." The page is not 
expected to be operational until Co-op officials have confidence the 
vendor has fixed any problems that left the site vulnerable in the first 
place. According to the HuskyDirect homepage, it will be at least "a few 
days" before confidence is restored and the site is resurrected.

While it has been reported that only those who have made purchases through 
HuskyDirect were affected (Co-op customers need not worry unless they 
purchased goods from Huskydirect.com) the tally of victims is not slight. 
UConn informed 18,000 online shoppers of the breach, and suggested they 
make efforts to protect their information and, subsequently, themselves.

"To help guard against any fraudulent use of your personal information, we 
are offering you credit monitoring services," an email issued to all 
HuskyDirect customers read. "If you detect any suspicious activity on your 
account, you should promptly notify the institution with which the account 
is maintained and also contact your local law enforcement."

[...]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Learn encryption strategies that manage risk and shore up compliance.
Download Article 1 of CREDANT Technologies' The Essentials Series:
Endpoint Data Encryption That Actually Works
http://credant.com/campaigns/realtime2/gap-LP1/
Previous By Date Next
Previous By Thread Next

Current thread: