Case Study I
On January 2000 a
wake-up call came from a computer hacker from Russia who managed
to break into the system of CD Universe -one of the larger on-line
music stores. The hacker copied 300,000 customers' credit card
numbers and tried to extort money. The hacker demanded a ransom
of US $100 000 in exchange for the stolen information. The
company refused to pay, so the hacker posted the names and credit
card numbers of 25,000 customers on the Net (Kravitz 30)
Brad Greenspan, chairman of eUniverse, CD Universe's parent
company said, "Refusing to bow to this new breed of cyber-criminals,
we have taken a stand against a new form of online blackmail on
behalf of all legitimate e-commerce retailers." source: http://www.ecommercetimes.com/
"The hacker created a Web site, entitled Maxus Credit Card
Pipeline, and started posting the vital data of the credit card
accounts. The person publicized the site by announcing its
existence on Internet relay chat channels frequented by self-described
hackers and credit card thieves. The site was so popular that
Maxus had to restrict visitors to one credit card viewing per
visit." source: http://www-users.cs.york.ac.uk/~jdm/
"The hacker told the New York Times reporter that he had
been stealing credit cards since 1997 and was able to use the
ICVERIFY program to make a charge on a credit card and then issue
a charge back refund to a second card" source: http://www.ecommercetimes.com/
This instance was the first report of a large-scale theft on an e-commerce
site and it raised consumers concerns and made Internet users
worry about their security and privacy with on-line personal data.