Case Study I

On January 2000 a wake-up call came from a computer hacker from Russia who managed to break into the system of CD Universe -one of the larger on-line music stores. The hacker copied 300,000 customers' credit card numbers and tried to extort money. The hacker demanded a ransom of US $100 000 in exchange for the stolen information. The company refused to pay, so the hacker posted the names and credit card numbers of 25,000 customers on the Net (Kravitz 30)

Brad Greenspan, chairman of eUniverse, CD Universe's parent company said, "Refusing to bow to this new breed of cyber-criminals, we have taken a stand against a new form of online blackmail on behalf of all legitimate e-commerce retailers." source:
http://www.ecommercetimes.com/



"The hacker created a Web site, entitled Maxus Credit Card Pipeline, and started posting the vital data of the credit card accounts. The person publicized the site by announcing its existence on Internet relay chat channels frequented by self-described hackers and credit card thieves. The site was so popular that Maxus had to restrict visitors to one credit card viewing per visit." source:
http://www-users.cs.york.ac.uk/~jdm/



"The hacker told the New York Times reporter that he had been stealing credit cards since 1997 and was able to use the ICVERIFY program to make a charge on a credit card and then issue a charge back refund to a second card" source:
http://www.ecommercetimes.com/



This instance was the first report of a large-scale theft on an e-commerce site and it raised consumers concerns and made Internet users worry about their security and privacy with on-line personal data.

Go to Case Study II