25.000 creditcard gegevens gehacked

Celestion stuurde me naar deze site waar verteld wordt dat er onlangs 25.000 creditcard gegevens van CDUniverse.com zijn ontfutseld door een 18-jarige Russische hacker. De gegevens zijn door hem later ook op een site geplaatst nadat CDUniverse.com hem geen $100.000 dollar betaalde.

In what may be the largest credit card heist on the Internet, an 18-year-old Russian cracker claims to have stolen thousands of credit card numbers from an online store and dispensed them to visitors of his Web site.

Before it was taken offline early Sunday morning, the rogue site, a page of which has been captured here, had doled out more than 25,000 stolen card numbers. Also included with the numbers were expiration dates and cardholder names and addresses, according to a counter on the page. With the click of a button, visitors could launch a script that purportedly obtained a valid credit card "directly from the biggest online shop database," according to a message at the site.

The cracker, who goes by the nickname Maxus, claimed in an e-mail to InternetNews.com to have breached the security of CDuniverse.com, an online music store operated by eUniverse, Inc. of Wallingford, Conn. Maxus said he had defeated a popular credit card processing application called ICVerify, from CyberCash (CYCH) and obtained a database containing more than 300,000 customer records from CDuniverse.

As proof of his exploit, Maxus e-mailed a file to InternetNews containing dozens of user names and passwords for accessing customer order status information at CDuniverse.

One of the victims, Greg Wilson of Binghamton, N.Y., confirmed that he had shopped at the online music store over a year ago. According to Wilson, he was contacted by his credit card company's fraud division last week after someone had attempted to make an authorized charge to his card.