Hacker Cracks Site, Forces Trade Halt

[InfoSec News <isn () c4i org>]

http://dailynews.yahoo.com/h/nm/20010823/wr/manufacturing_brasseagle_dc_1.html

By Steve James
August 23, 2001

NEW YORK (Reuters) - In the latest in a spate of corporate
cyber-invasions, a hacker broke into a paintball company's Web site
and sent out phony financial statements Thursday, forcing the Nasdaq
stock market to halt trading in the company's shares for more than two
hours.

After discovering its computer security had been breached overnight,
Brass Eagle Inc. (Nasdaq: XTRM) notified law enforcement officials,
including the FBI, which has a special unit that investigates computer
crimes. An FBI spokesman in Little Rock, Arkansas, said only that the
agency was aware of the case.

The hacker sent out misinformation about the company's finances in
``hundreds, if not thousands'' of e-mails, said Chief Financial
Officer J.R. Brian Hanna.

The attack prompted the maker, marketer and distributor of paintball
weapons and clothing to reaffirm its earnings guidance for fiscal
2001.

``On the surface it appears to be a hoax,'' Hanna told Reuters by
telephone from Bentonville, Arkansas. Asked if it appeared the attack
was aimed at manipulating Brass Eagle's stock to gain a financial
advantage, he said that was apparently not the motive.

``But after consulting with Nasdaq, we felt it was prudent to make a
statement.''

Brass Eagle said it continues to expect fiscal 2001 sales of $100
million to $105 million and diluted earnings per share of about $1.00.

``Everything was fine at the close of business yesterday,'' said
Hanna. He said the hacker had apparently entered Brass Eagle's Web
site and sent e-mails ostensibly from the company, to addresses of
people registered to receive company mailings.

This could include everyone from paintball enthusiasts -- of which
there are an estimated 7 million in the United States -- to potential
investors and Wall Street analysts.

A spokesman for the Nasdaq stock market declined any specific comment
about Brass Eagle. But he said under Nasdaq rules, ``when a company
has material news that might affect its share price, as this (case)
would, they are required to publicize it as widely as possible.

``They must notify the Nasdaq usually about 10 minutes before
(announcing the news) and we work together on the timing of the
trading halt,'' the spokesman said.

Trading in Brass Eagle shares was halted around 10.40 a.m. EDT
Thursday and resumed more than two hours later. The stock closed on
Thursday up 28 cents, at $6.24.

Hanna said computer security was being tightened at the company, which
employs about 150 people at a plant in Neosho, Missouri, and another
50 in Chula Vista, California, where Brass Eagle makes masks and
clothing for paintball -- a manhunt-like game that is also used by
some companies to test management skills.

The company also operates an ``X-treme'' sports facility, Challenge
Park Extreme, in Jolliet, Illinois.

This was just the latest case of cyber-invasion in the information
age.

This month, a student who issued a fake press release that triggered
frenzied selling of shares in data storage equipment maker Emulex
Corp. (Nasdaq: EMLX) and sent Wall Street into a panic, was sentenced
to three years and 8 months in prison.

And a day trader accused of posting fake press releases on the
Internet claiming Lucent Technologies Inc. (NYSE: LU) would not meet
earnings projections, agreed to settle civil fraud charges with
federal securities regulators.

Earlier this summer, hackers entered a computer system that controls
much of the flow of electricity across California, and in Toronto, JDS
Uniphase Corp. (JDU.TO) said a hacker broke into its Web site and
gained access to a draft of its fourth-quarter financial results.

Overseas, Infosys Technologies Ltd , one of India's biggest software
companies, said one of its corporate banking Web sites was down for
several hours after hackers broke into it.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.