Re: INCIDENT: WebCertificate.com hacked

From: Brett Glass (brettat_private)
Date: Thu Oct 11 2001 - 10:23:15 PDT

Next message: Richard M. Smith: "RE: Serious security Flaw in Microsoft Internet Explorer - Zone Spoofing"

Previous message: Arne Vidstrom: "Vulnerabilities in Ipswitch IMail Server 7.04"
In reply to: Simon Gales: "INCIDENT: WebCertificate.com hacked"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

At 06:57 AM 10/11/2001, Simon Gales wrote:

>I received the following email this morning (appropriately cleansed):
>
>[SNIP]
>
>I've notified privacyat_private and VISA, and am awaiting their
>response.

FYI:

The number that is claimed to be a "credit card" number in these
malicious e-mails is not one. It's the serial number of a 
"Webcertificate." There is therefore no reason to notify your
credit card issuer. The vendor knows which numbers were
compromised and has invalidated them already, so there is no
risk of theft. Users will receive new certificate numbers and
will not lose credt from their accounts.

--Brett

Next message: Richard M. Smith: "RE: Serious security Flaw in Microsoft Internet Explorer - Zone Spoofing"
Previous message: Arne Vidstrom: "Vulnerabilities in Ipswitch IMail Server 7.04"
In reply to: Simon Gales: "INCIDENT: WebCertificate.com hacked"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Oct 11 2001 - 13:22:33 PDT