Welcome to WebmasterWorld Guest from 184.108.40.206
Forum Moderators: buckworks
Seventeen million customers of the online payment service iBill have had their personal information released onto the internet, where it's been bought and sold in a black market made up of fraud artists and spammers, security experts say.
The stolen data, examined by Wired News, includes names, phone numbers, addresses, e-mail addresses and internet IP addresses. Other fields in the compromised databases appear to be logins and passwords, credit-card types and purchase amounts, but credit-card numbers are not included.
The transactions documented in the database are dated between 1998 and 2003, spanning a period at the height of iBill's success.
You would think someone interally would caught such a thing, no matter how it was done.
Clearly you've never worked in the IT department of a large corporation. They are pretty clueless when it comes to what's going on just about anywhere. :)
As a software developer, I could have easily burned enormous amounts of private information on customers (individuals and businesses, addresses, CC numbers, billing information, etc. etc.--very private stuff) to CD and sold it off to the highest bidder and the company would never know a thing because, as I said, management is clueless.
I could have easily burned enormous amounts of private information on customers (individuals and businesses, addresses, CC numbers, billing information, etc. etc.--very private stuff) to CD and sold it off to the highest bidder and the company would never know a thing because, as I said, management is clueless.
Anyone who watches "24" should get this. ;)
Contacted by Wired News, one of the victims of the breach expressed dismay that his information was in the hands of criminals. The 41-year-old San Diego man says he allowed a "business partner" to use his credit card on an adult website dedicated to finding resources in Tijuana's red light district, with discussion groups and locations of prostitutes.
Out of 17 million records, the one person they contacted had lent his credit card to someone else, he hadn't used porn himself.
What are the odds? :-D
If you are a site owner in a similar situation: do you plan any action to relay the news to your customers? Should I send an email to each of them apologizing? Or should I just ignore it?
Actually collecting new credit cards is easy, they're constantly pushing them. Maybe throw away accounts is the way to go, just close out accounts when you get a new card.
Another trick you can play is get a Visa/MC debit card for a stand alone bank account and only transfer funds to that account to cover actual purchases. If you suddenly get nailed there's no money there to take and the damage is very limited.