BreachExchange mailing list archives
ID Thieves Turn Sights on Smaller E-Businesses
From: Dissent <Dissent () pogowasright org>
Date: Thu, 28 Sep 2006 09:41:16 -0400
http://www.washingtonpost.com/wp-dyn/content/article/2006/09/28/AR2006092800333_pf.html [...] While public attention has remain fixed on a series of high-profile data losses or database breaches at federal government agencies, large corporations and universities, experts who study financial fraud say hackers increasingly are targeting small, commercial Web sites. In some cases, criminals are able to gain real-time access to the sites' transaction information, allowing them to steal valid credit card numbers and quickly charge large numbers of fraudulent purchases. Small e-businesses offer fewer total victims, but they often present a softer target, either due to flaws in the software merchants use to process online orders or an over reliance on outsourced Web site security. Cole's and Galloway's information was recorded being traded in an online chat room by Dan Clements, co-founder of CardCops.com, a fraud prevention service that monitors underground chat rooms where criminals trade in stolen credit cards and information used to commit identity theft. Clements said many smaller online merchants use generic shopping cart software that they fail to maintain with the latest software security patches. [...] Related blog by Brian Krebs: http://blog.washingtonpost.com/securityfix/2006/09/shopadmins_and_the_id_theft_cy.html _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tracking more than 136 million compromised records in 375 incidents over 6 years.
Current thread:
- ID Thieves Turn Sights on Smaller E-Businesses Dissent (Sep 28)