'Coordinated' Hackers Steal Internet Retailer Customer Credit Cards - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Software // Information Management

'Coordinated' Hackers Steal Internet Retailer Customer Credit Cards

Vertical Web Media's president says hackers breached the company's network even though patches were up-to-date and defenses were in place.

Despite running what he thought was a well-secured network, the president of a publishing company has disclosed that a "coordinated and sophisticated" group of hackers broke in and stole customers' credit card information.

Vertical Web Media said its network was breached in August and hackers made off with customers' names, addresses, phone numbers and e-mail addresses, along with credit card numbers and expiration dates. Jack Love, president of the Chicago-based publisher of Internet Retailer magazine added that only a portion of the company's customers were compromised because the data was pulled offline as soon as the publisher was alerted by a customer that there was a problem.

"This troubles us deeply... We thought our site was extremely well protected," Love told InformationWeek. "We were up-to-date on all our patches. We get a quarter of a million visits a month to our site. We've seen hacking attempts before. Anyone with a site that highly trafficked is going to see that, but we hadn't had a problem. We had a sense of security. But the message here is you can never feel content with security. You have to be ever vigilant."

Love said in mid to late August they were first contacted by a customer telling them there might be a problem but they couldn't pinpoint any security holes. "We immediately assumed there was a problem and took all the credit cards off the site," he added. Then in late August, they were contacted by another customer who said his credit card information had been stolen and the Vertical Web Media site was the only place he had used it.

An investigation found that hackers had been attacking the network from about half a dozen IP addresses around the world, Love said. One would breach the network for about 10 minutes, and then another would pick up the attack from another IP address for another 10 minutes. He added that they were using queries on the system that only produced information on one customer at a time.

Love said he could not reveal how the hackers got into the network at this point because of the ongoing investigation.

"It was too coordinated and sophisticated... This was no joy ride," said Love. "It was no whiz kid playing with us."

The company president added that they pinpointed the hackers' entry point on Aug. 29 and notified the FBI the same day. Letters went out to the affected customers on Sept. 7.

Love said law enforcement is continuing to investigate the breach, and forensic investigators are reviewing logs and records.

The news of the breach at Vertical Web Media comes less than a week after TD Ameritrade Holding disclosed information that a hacker breached its network and stole information on 6.3 million of its customers. This week, an attorney launching a class-action lawsuit against the online brokerage alleged the company knew a hacker had access to a customer database as far back as a year ago.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
News
The State of Chatbots: Pandemic Edition
Jessica Davis, Senior Editor, Enterprise Apps,  9/10/2020
Commentary
Deloitte on Cloud, the Edge, and Enterprise Expectations
Joao-Pierre S. Ruth, Senior Writer,  9/14/2020
Slideshows
Data Science: How the Pandemic Has Affected 10 Popular Jobs
Cynthia Harvey, Freelance Journalist, InformationWeek,  9/9/2020
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
IT Automation Transforms Network Management
In this special report we will examine the layers of automation and orchestration in IT operations, and how they can provide high availability and greater scale for modern applications and business demands.
Slideshows
Flash Poll