Information Security News mailing list archives
Hacker Posts Credit Card Info
From: mea culpa <jericho () DIMENSIONAL COM>
Date: Mon, 10 Jan 2000 12:18:18 -0700
http://www.wired.com/news/technology/0,1282,33539,00.html 10:45 a.m. 10.Jan.2000 PST The FBI is hunting for a self-described cracker said to have posted 300,000 stolen credit card numbers in a blackmail attempt gone bad. The hacker, believed to be located in eastern Europe, claims to have stolen 300,000 customer credit card numbers from the CD Universe store, The New York Times reported Monday. After the store refused to pay him US$100,000, he published the data on a Web site. The unidentified hacker, going by the alias Maxim, sent email messages to the Times saying that he used credit card numbers to obtain money for himself. He sent actual numbers to the paper as well, to prove the validity of his claim. The hacker distributed up to 25,000 of the stolen numbers during the last two weeks, according to the reports. The site was shut down Sunday morning. When the site was operational, visitors could click on a link to obtain a credit card number and the associated name and address of its holder. CD Universe and its parent company, eUniverse, are aiding the FBI's investigation. "He definitely has CD Universe data," eUniverse chairman Brad Greenspan told the Times. "Whether he hacked the site or got the data in some other way, I'm not sure exactly." The hacker said he cracked into a database at CD Universe's Web site by way of a software flaw, according to the report. He sent a fax last month to the company asking for $100,000 in return for the destruction of the data. After the company refused, he posted the numbers on Christmas Day to a Web site called The Maxus Credit Card Pipeline. CD Universe said it was alerting customers and working with the credit card companies to help those with stolen card numbers. ISN is sponsored by Security-Focus.COM
Current thread:
- Hacker Posts Credit Card Info mea culpa (Jan 10)