funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Fwd: [Dataloss] Network Solutions Hack Compromises 573, 000 Credit, Debit Accounts

From: Paul Ferguson <fergdawgster () gmail com>
Date: Fri, 24 Jul 2009 16:59:56 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Yow.

- - ferg


- ---------- Forwarded message ----------
From: security curmudgeon <jericho () attrition org>
Date: Fri, Jul 24, 2009 at 3:51 PM
Subject: [Dataloss] Network Solutions Hack Compromises 573, 000 Credit,
Debit Accounts
To: dataloss-discuss () datalossdb org, dataloss () datalossdb org



http://voices.washingtonpost.com/securityfix/2009/07/network_solutions_hack
_comprom.html

Network Solutions Hack Compromises 573,000 Credit, Debit Accounts
By Brian Krebs  |  July 24, 2009; 5:20 PM ET

Network Solutions Hack Compromises 573,000 Credit, Debit Accounts

Hackers have broken into Web servers owned by domain registrar and hosting
provider Network Solutions, planting rogue code that resulted in the
compromise of more than 573,000 debit and credit card accounts over the
past three months, Security Fix has learned.

Herndon, Va. based Network Solutions discovered in early June that
attackers had hacked into Web servers the company uses to provide
e-commerce services - a package that includes everything from Web hosting
to payment processing -- to at least 4,343 customers, mostly mom-and-pop
online stores. The malicious code left behind by the attackers allowed
them to intercept personal and financial information for customers who
purchased from those stores, Network Solutions spokeswoman Susan Wade
said.

Wade said the company is working with federal law enforcement and a
commercial data breach forensics team to determine the cause and source of
the break-in. The payment data stolen was captured from transactions made
between March 12, 2009 and June 8, 2009.

[..]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)


-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.5.3 (Build 5003)

wj8DBQFKakrxq1pz9mNUZTMRAi4OAKDcYynSgCrq6O2aVj9VjUNaqzC/kgCfXMuQ
9f7Lq4feDPBAQHGw86GFY88=
=Somq
-----END PGP SIGNATURE-----


-- 
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawgster(at)gmail.com
 ferg's tech blog: http://fergdawg.blogspot.com/
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: