'Coordinated' Hackers Steal Internet Retailer Customer Credit Cards - InformationWeek
IoT
IoT
Software // Information Management
News
9/19/2007
12:17 PM
50%
50%
RELATED EVENTS
Free Yourself from Legacy Apps
Jun 08, 2017
They've served their purpose years ago, but now they're stretching your IT budget and increasing s ...Read More>>

'Coordinated' Hackers Steal Internet Retailer Customer Credit Cards

Vertical Web Media's president says hackers breached the company's network even though patches were up-to-date and defenses were in place.

Despite running what he thought was a well-secured network, the president of a publishing company has disclosed that a "coordinated and sophisticated" group of hackers broke in and stole customers' credit card information.

Vertical Web Media said its network was breached in August and hackers made off with customers' names, addresses, phone numbers and e-mail addresses, along with credit card numbers and expiration dates. Jack Love, president of the Chicago-based publisher of Internet Retailer magazine added that only a portion of the company's customers were compromised because the data was pulled offline as soon as the publisher was alerted by a customer that there was a problem.

"This troubles us deeply... We thought our site was extremely well protected," Love told InformationWeek. "We were up-to-date on all our patches. We get a quarter of a million visits a month to our site. We've seen hacking attempts before. Anyone with a site that highly trafficked is going to see that, but we hadn't had a problem. We had a sense of security. But the message here is you can never feel content with security. You have to be ever vigilant."

Love said in mid to late August they were first contacted by a customer telling them there might be a problem but they couldn't pinpoint any security holes. "We immediately assumed there was a problem and took all the credit cards off the site," he added. Then in late August, they were contacted by another customer who said his credit card information had been stolen and the Vertical Web Media site was the only place he had used it.

An investigation found that hackers had been attacking the network from about half a dozen IP addresses around the world, Love said. One would breach the network for about 10 minutes, and then another would pick up the attack from another IP address for another 10 minutes. He added that they were using queries on the system that only produced information on one customer at a time.

Love said he could not reveal how the hackers got into the network at this point because of the ongoing investigation.

"It was too coordinated and sophisticated... This was no joy ride," said Love. "It was no whiz kid playing with us."

The company president added that they pinpointed the hackers' entry point on Aug. 29 and notified the FBI the same day. Letters went out to the affected customers on Sept. 7.

Love said law enforcement is continuing to investigate the breach, and forensic investigators are reviewing logs and records.

The news of the breach at Vertical Web Media comes less than a week after TD Ameritrade Holding disclosed information that a hacker breached its network and stole information on 6.3 million of its customers. This week, an attorney launching a class-action lawsuit against the online brokerage alleged the company knew a hacker had access to a customer database as far back as a year ago.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of Data and Analytics
Today's companies are differentiating themselves using data analytics, but the journey requires adjustments to people, processes, technology, and culture. 
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of November 6, 2016. We'll be talking with the InformationWeek.com editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll