New Hampshire company hacks smaller competitor for customer list

[Jake <jake () riskbasedsecurity com>]

http://www.scmagazine.com/new-hampshire-company-hacks-smaller-competitor-for-customer-list/article/457932/

A linen services company in New Hampshire pleaded guilty to hacking into
the computer server of a similarly named, but smaller competitor.

The company, General Linen Services, LLC (DBA General Linen Somersworth)
pleaded guilty under U.S. Code Title 18, Section 1030, the U.S. legislation
that governs fraud and related activities.

The company stole over 1,000 invoices in an effort to steal customers,
according to a Federal Bureau of Investigation (FBI) statement
<https://www.fbi.gov/boston/press-releases/2015/new-hampshire-company-pleads-guilty-to-hacking-into-a-competitors-computer-system-for-commercial-advantage>.
The FBI <http://www.scmagazine.com/search/fbi/>stated that “between
September 2009 and April 8, 2010 there were 157 instances of unauthorized
access to the victim company's computer system and that the majority of
those intrusions originated at the office of the defendant, General Linen
Somersworth.”

The victim, General Linen Services Co. Inc., based in Newburyport,
Massachusetts, used the same software vendor, web portal, and the companies
used the same default passwords, according to local news reports.

“My client, General Linen of Newburyport, Mass., is a small, family-owned
business,” said James F. Laboe, the attorney for General Linen Services Co.
Inc., in a statement
<http://media.scmagazine.com/documents/181/12-3-15_laboe_press_statement_45018.pdf>
obtained
by SCMagazine.com. “General Linen of Somersworth is probably 10 times the
size of my client, yet they intentionally hacked into my client's website
to steal their most valuable asset, its customer information.”

The former IT director shared the login information with others at General
Linen Services, LLC, who repeatedly accessed the competitor's computer
system, the FBI stated. “Competition is a healthy part of business, but
theft and deception is inexcusable,” the Massachusetts-based company wrote
on its website <http://glsma.com/catalog/index.php>, in a note to its
clients.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!