Information Security News mailing list archives
Data thief threatens to strike again
From: mea culpa <jericho () DIMENSIONAL COM>
Date: Wed, 12 Jan 2000 11:03:12 -0700
http://www.zdnet.com/zdnn/stories/news/0,4586,2420863,00.html?chkpt=zdnn011200 Data thief threatens to strike again Computer intruder who tried to extort CD Universe says he'll release more stolen credit card numbers. By Mike Brunker, MSNBC January 11, 2000 3:49 PM PT An e-mail author claiming to be the thief who released as many as 25,000 stolen credit card numbers earlier this month told NBC News he'll soon start distributing more card numbers on a new Web site. "Maxus," aka "Maxim," claims to have stolen 300,000 credit card files from online music retailer CD Universe. The site he set up to hand out stolen card information was shut down over the weekend, but a writer identifying himself as the thief told NBC he'll open up a new site "soon." In a separate note to MSNBC, the same writer hinted part of his motivation was to criticize e-commerce companies that don't do enough to preserve users' privacy. The heist sent shockwaves through the e-commerce world over the weekend. The intruder, who claims to have plundered 300,000 credit card numbers from an Internet music retailer's computers, posted thousands of numbers on a Web page after failing to force the company to pay him $100,000. The FBI is investigating the theft and attempted extortion, and the company, CD Universe, said it was advising customers that their credit card data could have been compromised. Word of the extortion plot surfaced Friday, when the thief contacted a California computer security firm and directed employees to the Web site where he apparently had been posting the credit numbers since Christmas Day. Asked why he thought CD Universe refused to pay him the $100,000, Maxus replied (sic), "They ... prefer money vs. people privacy." He also said he still has access to the CD Universe credit card database and can still glean credit card numbers from the site. Brad Greenspan, chairman of eUniverse, the parent company of CD Universe, said Monday that company officials and an outside security firm it had hired were still attempting to determine how the thief had made off with the financial information. But he said there are reasons to believe that other online retailers also could be vulnerable. Other sites could be vulnerable [snip..] ISN is sponsored by Security-Focus.COM
Current thread:
- Data thief threatens to strike again mea culpa (Jan 12)