BreachExchange mailing list archives
Hack on e-commerce co. exposes records for 200, 000
From: security curmudgeon <jericho () attrition org>
Date: Fri, 4 Jun 2010 19:17:39 -0500 (CDT)
(This article appears to have more info) http://www.theregister.co.uk/2010/06/04/digital_river_hack/ Hack on e-commerce co. exposes records for 200,000 'Highly unusual search command' By Dan Goodin in San Francisco Posted in Security, 4th June 2010 23:33 GMT E-commerce company Digital River exposed data belonging to almost 200,000 individuals after hackers executed a .highly unusual search command. against its secured servers, according to a news report. The breach came to light only after a 19-year-old New York man allegedly tried to sell the purloined data for as much as $500,000, The Minneapolis Star-Tribune reported Friday. After Eric Porat made repeated attempts to persuade a company called Media Breakaway to buy the information, company officials alerted their counterparts at Digital River, the paper reported, citing court documents. A federal grand jury is investigating the matter with help from the FBI. The data contained names, email addresses, websites, and unique user-identification numbers for 198,398 individuals. It was originally gathered by affiliated marketing companies using software offered by Digital Rivers subsidiary Direct Response Technologies and stored on password-protected servers. It was stolen in late January using a .highly unusual. search command. The report didn't elaborate. [..] _______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Get business, compliance, IT and security staff on the same page with CREDANT Technologies: The Shortcut Guide to Understanding Data Protection from Four Critical Perspectives. The eBook begins with considerations important to executives and business leaders. http://www.credant.com/campaigns/ebook-chpt-one-web.php
Current thread:
- Hack on e-commerce co. exposes records for 200, 000 security curmudgeon (Jun 06)