funsec mailing list archives
'Coordinated' Hackers Steal Internet Retailer Customer Credit Cards
From: "Paul Ferguson" <fergdawg () netzero net>
Date: Wed, 19 Sep 2007 19:58:09 GMT
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Via InformationWeek. [snip] Despite running what he thought was a well-secured network, the president of a publishing company has disclosed that a "coordinated and sophisticated" group of hackers broke in and stole customers' credit card information. Vertical Web Media said its network was breached in August and hackers made off with customers' names, addresses, phone numbers and e-mail addresses, along with credit card numbers and expiration dates. Jack Love, president of the Chicago-based publisher of Internet Retailer magazine added that only a portion of the company's customers were compromised because the data was pulled offline as soon as the publisher was alerted by a customer that there was a problem. [...] Love said in mid to late August they were first contacted by a customer telling them there might be a problem but they couldn't pinpoint any security holes. "We immediately assumed there was a problem and took all the credit cards off the site," he added. Then in late August, they were contacted by another customer who said his credit card information had been stolen and the Vertical Web Media site was the only place he had used it. An investigation found that hackers had been attacking the network from about half a dozen IP addresses around the world, Love said. One would breach the network for about 10 minutes, and then another would pick up the attack from another IP address for another 10 minutes. He added that they were using queries on the system that only produced information on one customer at a time. Love said he could not reveal how the hackers got into the network at this point because of the ongoing investigation. [snip] More: http://www.informationweek.com/security/showArticle.jhtml?articleID=2018075 39 - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.3 (Build 3017) wj8DBQFG8X9Nq1pz9mNUZTMRAg7gAJ4neDLjrLk6HKIN0K4kzmPOozGqGQCgs7bW W/joKV4s7xdHlK9eM3J1ly4= =SV7f -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- 'Coordinated' Hackers Steal Internet Retailer Customer Credit Cards Paul Ferguson (Sep 19)