04-03-2001, 12:51 AM
|
|
Web Hosting Guru
|
|
Join Date: Oct 2000
Posts: 279
|
|
http://www.msnbc.com/news/553615.asp
Web host's customer database stolen
Hacker claims theft of 46,000 ADDR.com client records
By Bob Sullivan
MSNBC
April 2 - A computer criminal claims to have stolen personal information on 46,000 customers from Web hosting company ADDR.com. The data includes account names and passwords that could be used to alter Web site content, as well as credit card information. Several victims of the heist report finding thousands of dollars in fraudulent charges on the credit cards in recent weeks. ADDR.com has so far not commented on the alleged heist.
[snip]
|
04-03-2001, 01:08 AM
|
|
Web Hosting Guru
|
|
Join Date: Mar 2001
Posts: 250
|
|
That is a prime example why I will never, never ever, never never ever, ever never oops.... sorry.
Anyways, this is why I would never store a customers personal information on a computer accessible to the world.
Warm regards and deepest sympathy for ADDR clients 
Mike
|
04-03-2001, 01:27 AM
|
|
Web Hosting Master
|
|
Join Date: Oct 2000
Posts: 550
|
|
|
04-03-2001, 01:33 AM
|
|
Web Hosting Guru
|
|
Join Date: Mar 2001
Posts: 250
|
|
hehe, yup.... lets see... 46,000 clients... maybe 1/4 gets their card used for an un-authorized sale... dang, that's a heck of a lot of charge backs 
|
04-03-2001, 08:15 PM
|
|
<insert something witty>
|
|
Join Date: Apr 2000
Location: California
Posts: 3,051
|
|
Addr.com sucks, this has been a problem for quite a LONG time actually. And that exact problem has existed for this duration of that "long time". This poor security and problems with the design of their network and systems linked together with NFS mounted drives on top of that and much more, has been around for a while, and storing this information mentioned on top of that, it was only a matter of time until a criminal got a hold of those files.
|
04-03-2001, 08:33 PM
|
|
Community Guide
|
|
Join Date: Jun 2000
Location: Washington, USA
Posts: 5,976
|
|
__________________
John T. Yocum -- Fluid Hosting
Shared - VPS - Dedicated - Colocation
|
04-03-2001, 08:54 PM
|
|
Newbie
|
|
Join Date: Mar 2001
Posts: 8
|
|
He might post all the info on a website that would be worse.
|
04-03-2001, 09:15 PM
|
|
Retired Moderator
|
|
Join Date: Dec 2000
Location: Leesburg, VA
Posts: 3,205
|
|
Quote:
Originally posted by mrfunnyman
He might post all the info on a website that would be worse.
|
He could post it on a website hosted by addr.com which would be even worse.
|
04-03-2001, 10:07 PM
|
|
Disabled
|
|
Join Date: Mar 2001
Posts: 134
|
|
Quote:
|
April 2 - A computer criminal claims to have stolen personal information on 46,000 customers from Web hosting company ADDR.com. The data includes account names and passwords that could be used to alter Web site content, as well as credit card information. Several victims of the heist report finding thousands of dollars in fraudulent charges on the credit cards in recent weeks. ADDR.com has so far not commented on the alleged heist.
|
Figures.
The same thing happened to creditcards.com a little while ago and that really messed them up. The hacker posted all the credit card numbers on a web site and demanded money. I feel sorry for the people with those CC numbers! Anyway, creditcards.com recently changed their name to ipayment.com or something. They really suck.
|
04-04-2001, 10:21 AM
|
|
Junior Guru Wannabe
|
|
Join Date: Mar 2001
Posts: 44
|
|
This could happen to any company that stores credit card details on PCs connected to the net, but could it have been prevented if the credit card info was encrypted? and how can they be encrypted?
I heard VISA is gradually demanding that card databases be encrypted.
|
04-04-2001, 05:12 PM
|
|
Newbie
|
|
Join Date: Jan 2001
Posts: 12
|
|
Is This A Problem For BillAdmin Too?
I was thinking about going with BillAdmin, but I'm concerned if the they too are open to hacks? Any thought would be great1
Sean
|
04-05-2001, 04:02 AM
|
|
<insert something witty>
|
|
Join Date: Apr 2000
Location: California
Posts: 3,051
|
|
Quote:
Originally posted by jonglenn
This could happen to any company that stores credit card details on PCs connected to the net, but could it have been prevented if the credit card info was encrypted? and how can they be encrypted?
I heard VISA is gradually demanding that card databases be encrypted.
|
Addr.com stored this information, which was the problem. The fact it wasn't encrypted added a lot of that problem, surely. They had no business doing such, especially with full CC numbers and addresses, etc. They have no business knowing someone's full CC number, or rather, no business being able to access it or storing it in such a fashion.
Further, their horribly insecure servers made it not only possible, but likely a criminal would obtain this file and use it for ill intended purposes, eventually. Believe me, if you're on Addr.com, you don't even *want* to know, and just move off of them!
|
04-05-2001, 05:41 AM
|
|
Web Hosting Master
|
|
Join Date: Nov 2000
Location: USA
Posts: 1,269
|
|
On a somewhat unrelated note, I've noticed that Addr.com has the top spot on Goto.com for "web hosting"--at an amazing $5.01 per click! I don't know what the click-through ratio on Goto is for the #1 web hosting position, but my guess is that must be costing them thousands--if not tens of thousands--per day.
|
| Thread Tools |
Search this Thread |
|
|
|
| Display Modes |
 Linear Mode
|
| Postbit Selector |
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
|
|
|
| Login: |
|
|
| Advertisement: |
|
|
| Web Hosting News: |
|
|
|
