'Coordinated' Hackers Steal Internet Retailer Customer Credit Cards - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Software // Information Management

'Coordinated' Hackers Steal Internet Retailer Customer Credit Cards

Vertical Web Media's president says hackers breached the company's network even though patches were up-to-date and defenses were in place.

Despite running what he thought was a well-secured network, the president of a publishing company has disclosed that a "coordinated and sophisticated" group of hackers broke in and stole customers' credit card information.

Vertical Web Media said its network was breached in August and hackers made off with customers' names, addresses, phone numbers and e-mail addresses, along with credit card numbers and expiration dates. Jack Love, president of the Chicago-based publisher of Internet Retailer magazine added that only a portion of the company's customers were compromised because the data was pulled offline as soon as the publisher was alerted by a customer that there was a problem.

"This troubles us deeply... We thought our site was extremely well protected," Love told InformationWeek. "We were up-to-date on all our patches. We get a quarter of a million visits a month to our site. We've seen hacking attempts before. Anyone with a site that highly trafficked is going to see that, but we hadn't had a problem. We had a sense of security. But the message here is you can never feel content with security. You have to be ever vigilant."

Love said in mid to late August they were first contacted by a customer telling them there might be a problem but they couldn't pinpoint any security holes. "We immediately assumed there was a problem and took all the credit cards off the site," he added. Then in late August, they were contacted by another customer who said his credit card information had been stolen and the Vertical Web Media site was the only place he had used it.

An investigation found that hackers had been attacking the network from about half a dozen IP addresses around the world, Love said. One would breach the network for about 10 minutes, and then another would pick up the attack from another IP address for another 10 minutes. He added that they were using queries on the system that only produced information on one customer at a time.

Love said he could not reveal how the hackers got into the network at this point because of the ongoing investigation.

"It was too coordinated and sophisticated... This was no joy ride," said Love. "It was no whiz kid playing with us."

The company president added that they pinpointed the hackers' entry point on Aug. 29 and notified the FBI the same day. Letters went out to the affected customers on Sept. 7.

Love said law enforcement is continuing to investigate the breach, and forensic investigators are reviewing logs and records.

The news of the breach at Vertical Web Media comes less than a week after TD Ameritrade Holding disclosed information that a hacker breached its network and stole information on 6.3 million of its customers. This week, an attorney launching a class-action lawsuit against the online brokerage alleged the company knew a hacker had access to a customer database as far back as a year ago.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Study Proposes 5 Primary Traits of Innovation Leaders
Joao-Pierre S. Ruth, Senior Writer,  11/8/2019
Top-Paying U.S. Cities for Data Scientists and Data Analysts
Cynthia Harvey, Freelance Journalist, InformationWeek,  11/5/2019
10 Strategic Technology Trends for 2020
Jessica Davis, Senior Editor, Enterprise Apps,  11/1/2019
White Papers
Register for InformationWeek Newsletters
Current Issue
Getting Started With Emerging Technologies
Looking to help your enterprise IT team ease the stress of putting new/emerging technologies such as AI, machine learning and IoT to work for their organizations? There are a few ways to get off on the right foot. In this report we share some expert advice on how to approach some of these seemingly daunting tech challenges.
Flash Poll