Yesterday, we ran a news story about further developments in the hack on Web Hosting Talk servers. It had come to light, early Tuesday morning, that the hacker had accessed and distributed a list of stored credit card data.
Shortly after posting the story, I updated the story to include information about the contents of the compromised credit card database, including the suggestion that it might have included stored CCV/CVV data (a PCI standards violation), and that certain credit cards may have been marked “removed” rather than having actually been removed.
Today at 4:00, I posted another update to the story, after receiving a response from iNet pointing me in the direction of official statements posted on WHT. I’ll include the full text of today’s update here.
Bottom line, if you’ve advertised on WHT, and you think your credit card info fits the profile of the information that might have been compromised – don’t wait to hear from iNet. Cancel the credit card. The information is being distributed on the Web, and several WHT posters have already mentioned fraudulent charges showing up on their accounts.
UPDATE (APRIL 8, 4:00 P.M.):
iNet Interactive responded to our questions by linking to a thread on WHT discussing the further breach, and to a statement from the company, also posted in WHT.
“We regret the impact this situation continues to have on the WHT community,” begins the announcement.
The notice says that at 6:15 a.m. on Tuesday, the hacker “communicated that he also had stolen credit card data.” The company says it had initially reported that no credit card data was compromised because “some of our older systems do store credit card data, and that data sits on a database server separate from the WHT databases and under a separate layer of security. At the time of the March 21st attack, we could find no evidence that the database server containing credit card data was compromised.”
The notice says the company’s current research shows the breach encompassed 318 valid credit card numbers with CCV code and about 1,900 expired credit card numbers with CCV code.
“The breach occurred on a system containing 9,561 credit card numbers,” says the notice. “We are still assessing how many of the 9,561 potentially exposed credit card numbers are valid. All confirmed and potential data breaches will be reported to the credit card holder.”
Some posters in the updated thread have pointed out that, based on the content of the hacker’s post, and the information in the database file, the credit card information seems to have been downloaded in a further attack, which might have taken place after March 25.
Posting on behalf of iNet, WHT user SoftwareRevue has addressed some questions posted in the discussion thread. He has said that iNet is working with an outside security firm currently, and that the company is moving to a third-party credit card processing system that will not store any data. He has referred to the storing of CCV/CVV data as a “mistake,” but has not addressed whether the company expects to see any retribution from credit card companies for violating PCI security standards.