[ISN] Hack on e-commerce co. exposes records for 200,000

From: InfoSec News <alerts_at_private>
Date: Mon, 7 Jun 2010 00:27:01 -0500 (CDT)
http://www.theregister.co.uk/2010/06/04/digital_river_hack/

By Dan Goodin in San Francisco
The Register
4th June 2010

E-commerce company Digital River exposed data belonging to almost 
200,000 individuals after hackers executed a "highly unusual search 
command" against its secured servers, according to a news report.

The breach came to light only after a 19-year-old New York man allegedly 
tried to sell the purloined data for as much as $500,000, The 
Minneapolis Star-Tribune reported Friday. After Eric Porat made repeated 
attempts to persuade a company called Media Breakaway to buy the 
information, company officials alerted their counterparts at Digital 
River, the paper reported, citing court documents. A federal grand jury 
is investigating the matter with help from the FBI.

The data contained names, email addresses, websites, and unique 
user-identification numbers for 198,398 individuals. It was originally 
gathered by affiliated marketing companies using software offered by 
Digital Rivers subsidiary Direct Response Technologies and stored on 
password-protected servers.

It was stolen in late January using a "highly unusual" search command. 
The report didn't elaborate.

[...]


_______________________________________________
Best Selling Security Books and More!
Shop InfoSec News
http://www.shopinfosecnews.org/ 
Received on Sun Jun 06 2010 - 22:27:01 PDT

This archive was generated by hypermail 2.2.0 : Sun Jun 06 2010 - 22:33:03 PDT