Egghead doubts hackers got the goods
Cancelling your credit card was just a precaution
Hacked computer e-tailer Egghead.com said it has "evidence which suggests" that its team of security sleuths interrupted the recent cyber break-in while it was going on, a mysterious event which may or may not have resulted in millions of credit card details being compromised.
Reports from the credit card issuers "suggest that fewer than 7500 accounts that appear in our system have shown suspected fraudulent activity", the company said.
That sounds like quite a lot to us, but Egghead dismisses it as within spec for 'normal' - or 'background' - fraud.
"It is difficult to determine whether any fraudulent activity on this relatively small number of credit cards can be traced back to the attack on our system, or whether it may be the result of credit card theft elsewhere. At this point, the evidence we have gathered to date suggests that these credit card numbers were not obtained from our site."
OK, so we know what, "to date" it all "suggests". No surprise there; but one thing we hadn't anticipated is the amount of heroic courage and selfless concern motivating the company, until they informed us of it.
"I realise that taking this precautionary measure of informing you and the credit card companies of the breach resulted in the cancellation of credit cards, and even embarrassment, for some of you, and we sincerely apologize for any trouble this may have caused," Egghead CEO Jeff Sheahan told customers in an e-mail memo Monday.
"However, that was the risk we ran by going public, and it is important to understand that the actions taken by the credit card issuers were also out of their eagerness to protect your best interests."
Very touching. But federal law limits a credit card holder's liability to a measly $50 for fraudulent use, and we suspect most would gladly give up the dough to escape the bureaucratic hassle of having their accounts deactivated and resurrected. It's pretty clear whose "best interests" are being protected here.
Not that they don't deserve to be protected. But one does tire of the corporate Pollyanna hogwash which strives to rationalise every stuff-up and inconvenience as some 'feature' for which we ought to be grateful. ®
Sponsored: Becoming a Pragmatic Security Leader