[ISN] CheckFree warns 5 million customers after hack

From: InfoSec News <alerts_at_private>
Date: Wed, 7 Jan 2009 00:09:46 -0600 (CST)
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9125078

By Robert McMillan
January 6, 2009 
IDG News Service

CheckFree and some of the banks that use its electronic bill payment 
service are notifying more than 5 million customers after criminals took 
control of several of the company's Internet domains and redirected 
customer traffic to a malicious Web site hosted in the Ukraine.

The Dec. 2 attack was widely publicized shortly after it occurred, but 
in a notice filed with the New Hampshire Attorney General, CheckFree 
disclosed that it was warning many more customers than previously 
thought.

hat's because CheckFree is not only notifying users of its own 
CheckFree.com Web site of the breach, it is also working with banks to 
contact people who tried to pay bills from banks that use the CheckFree 
bill payment service.

"The 5 million people who were notified about the CheckFree redirection 
were a combination of two groups," said Melanie Tolley, vice president 
of communications with CheckFree's parent company, Fiserv, in an 
prepared statement. "1.) those who we were able to identify who had 
attempted to pay bills from our client's bill pay sites and minus those 
who actually completed sessions on our site; and 2.) anyone enrolled in 
mycheckfree.com."

[...]


_______________________________________________      
Please help InfoSecNews.org with a donation!
http://www.infosecnews.org/donate.html
Received on Tue Jan 06 2009 - 22:09:46 PST

This archive was generated by hypermail 2.2.0 : Tue Jan 06 2009 - 22:14:21 PST