Feeds

Blackmailer posts credit card details on the Net

Hackers mock site's lax security

  • alert
  • submit to reddit

New hybrid storage solutions

A computer cracker lifted 55,000 credit card numbers from Creditcards.com and then posted the information on the Internet after an unsuccessful attempt to blackmail the credit card processing firm.

The New York Times said it had been told by "a person close to the investigation" that an intruder contacted Creditcards.com after breaking its site, and after a demand for money was refused, published the credit card data on the Internet earlier this week.

A spokesman for Creditcards.com, Laurent Jean, told the New York Times, "We are aware of the issues and understand their severity, and also are in contact with the FBI."

Details of the three sites which carried the credit card information, which have since been pulled down, were included in a widely circulated email. This email, which had a spoofed address so that it appeared to come from Microsoft, mocked the security of Creditcard.com and described it as today's "TOP Unsecure Company".

The email said: "We represent a group of experts trying to save you from companies, which do not care about their clients. For your attention we have designed the 'Never trust companies' list."

The message, which is signed by the previously unknown L33chWareZ haCkInG Gr0Up, adds: "Any simple hacker can get into Creditcards.com where your confident information stored."

US reports suggest that the Creditcards.com site was broken into four months ago but despite this the firm failed to notify individual card holders that their details might have been compromised.

Los Angeles-based Creditcards.com sets up merchants accounts that allow businesses to accept payment for ecommerce transactions via credit cards. Customers need not have visited CreditCards.com to have become the unwitting victims of the incident, anyone who used an affiliated merchant (a list of which was removed form CreditCards.com site but available here, could also have had their credit card details compromised.

The case is not the first time extortionists have targeted web sites they have successfully broken into. In January a Russian cracker who claimed to have stolen 300,000 credit cards from CDuniverse.com posted their details on his site after unsuccessfully demanding $100,000.

Credit card issuer Visa was itself subject to a £10 million extortion attempt by what were believed to be British hackers. ®

Providing a secure and efficient Helpdesk

More from The Register

next story
Quit drooling, fanbois - haven't you SEEN what the iPhone 6 costs?
How keen will buyers be when exposed to the real price?
Ex-Autonomy execs: HP's latest wad blows apart fraud allegations
Top bods claim IT titan's latest court filing is smoking gun of 'reckless aggression'
Forget silly privacy worries - help biometrics firms make MILLIONS
Beancounter reckons dabs-scanning tech is the next big moneypit
Elon Musk says Tesla's stock price is too high ... welp, NOT ANY MORE
As Nevada throws the SpaceX supremo a $1.25bn bone
Microsoft's Office Delve wants work to be more like being on Facebook
Office Graph, social features for Office 365 going public
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.