Kiplinger Warns Customers Hackers Got Account, Credit Card Information

[security curmudgeon <jericho () attrition org>]

---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.bloomberg.com/news/2011-07-08/kiplinger-warns-customers-hackers-got-account-information-1-.html

By Michael Riley
Bloomberg
July 9, 2011

Kiplinger Washington Editors Inc., the publisher of Kiplinger?s Personal 
Finance, warned customers that hackers breached its computer network at 
least as early as June 25 and stole account data, including credit card 
numbers.

Doug Harbrecht, the company?s director of new media, said the attackers 
stole user names, passwords and encrypted credit card numbers from as many 
as 142,000 subscribers to the magazine or the company?s various 
newsletters, including the Kiplinger Letter.

Harbrecht said the two-week delay in notifying customers resulted from 
efforts to understand the extent of the break-in by ?an unidentified third 
party,? as the Kiplinger website described the intruders. He said the 
company notified the Federal Bureau of Investigation and is working with 
the agency on a probe of the incident.

?Part of the problem is we still don?t know exactly what the hackers got,? 
Harbrecht said in a phone interview. An e- mail sent to Kiplinger 
customers said the hacker may have accessed e-mail addresses as well as 
other personal information.

[...]
_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Learn encryption strategies that manage risk and shore up compliance.
Download Article 1 of CREDANT Technologies' The Essentials Series:
Endpoint Data Encryption That Actually Works
http://credant.com/campaigns/realtime2/gap-LP1/