By Justin Lee, theWHIR.com
June 10, 2008 — (WEB HOST INDUSTRY REVIEW) — The credit card information of up to 38,000 customers of clothing firm Cotton Traders’ (cottontraders.co.uk/) one million customers was stolen after its website was hacked into, BBC News reported Tuesday.
Cotton Traders has not revealed the size of the attack, but it did say that its website was attacked earlier this year in January. At which point, the company contacted Barclaycard immediately where the credit card firm cancelled most of the affected cards. Apacs, the trade association for the payment industry, said the attack was significant because the criminals accessed information for “card not present” fraud. The case was being investigated by a special police unit.
Cotton Traders said in a prepared statement that all of its customers’ credit card information was encrypted on the website.
Cotton Traders said:
“Earlier this year we identified a security issue. We immediately brought in industry security experts to resolve the problem. Cotton Traders have recently upgraded all security on their website which has been validated by leading Industry experts. We would like to reassure all our customers that their data is secure and that the Cotton Traders website meets all leading Industry security standards.”
The addresses of customers were also stolen, reports BBC News. Last year, the TK Maxx website was hacked, resulting in the loss of 45 million card details.
In the case of that attack, credit card and debit information dating back as far as December 2002 was accessed on the firm’s computer systems over a 16-month period.
Authorities are not quite sure what techniques were used to break into the Cotton Traders website. The company says those customers worried about their cards should call their card provider.
