A Russian computer enthusiast claims to have exploited a security flaw in ICVerify, the popular billing software for online credit-card transactions marketed by Cybercash, Inc. And in so doing he has culled a spectacular total of over 300,000 working accounts, the New York Times reports. The intruder allegedly obtained customer account details from CD Universe, an online music merchant, by exploiting a security weakness in the ICVerify software which the company uses. He then approached CD Universe with a proposal to destroy the stolen data in exchange for US $100,000. The company declined the offer, and the extortionist replied by distributing some 25,000 working account numbers on a Web site from Christmas day, though the site has recently been shut down. We will post further details of this rather intriguing and potentially embarrassing story as they become available. ®