Security company has sensitive information stolen
The Antisec wing of hacking collective Anonymous allegedly hacked security consultancy firm Stratfor this month, according to reports. About 200 GB of information was taken from the servers, some of which may have been CVV codes of credit cards. IT Wire said this is information that PCI DSS guidelines say should never be stored.
“Four servers were rooted and wiped,” said one participant in the attack, according to Wired. “Charred like ashes, just like what we plan on doing with their old crumbling world.”
The news source said Antisec started posting customers' credit card details and plans to release more sensitive information leading up to New Year's Eve. The rest of the hacked information allegedly includes more than 850,000 user names, emails, passwords and data from 75,000 credit cards. There is also other internal documents and emails from the company.
Stratfor's website is currently off-line, IT Wire reports. The company announced the breach on Christmas Eve, saying "We have reason to believe that your personal and credit card data could have been included in the information that was illegally obtained and disclosed."
Ecommerce companies that rely on online payments need to make their customers' information is well-protected during transactions. Failure to secure these payments could result in financial losses and a tarnished brand name.