Re: Amazon, despite denials, was warned about hack

[InfoSec News <isn () C4I ORG>]

Forwarded by: Someone that wouldn't want their address known. :)

Thought you might like this . . . dumbass Spamazon, LOL. I had a
credit card hax0r last month, $200 wire-transferred through Yahoo
Direct/Americus, to Indonesia. Probably got the number from Amazon.


----- Original Message -----
From: "InfoSec News" <isn () C4I ORG>
To: <ISN () SECURITYFOCUS COM>
Sent: Thursday, March 08, 2001 11:36 PM
Subject: [ISN] Amazon, despite denials, was warned about hack


: http://www.theregister.co.uk/content/8/17387.html
:
: By: Thomas C Greene in Washington
: Posted: 07/03/2001 at 08:55 GMT
:
: A humiliating hack which resulted in four months of continuous
: credit-card data vulnerability for Amazon subsidiary Bibliofind,
: originally broken by the Wall Street Journal Tuesday, appears to
: involve fraud on more than one level.
:
: Intruders downloaded the company's customer records, including their
: credit card details, names and addresses, over a four-month period
: during which Bibliofind claims, incredibly, that it remained ignorant
: of any wrongdoing.
:
: "We have no information at this time to suggest that customers' credit
: cards have been misused," company spinmeister Jim Courtovich is quoted
: as saying.
:
: The Register has reason to believe that Courtovich's statement, while
: painfully predictable, is misleading.

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".