Security Firm Hacked!

Sensei Post in Identity Theft
0

Hackers break into computer-security firm’s customer database. Guidance Software — the leading provider of software used to diagnose hacker break-ins — has itself been hacked, resulting in the exposure of financial and personal data connected to thousands of law enforcement officials and network-security professionals. Guidance alerted customers to the incident in a letter sent last week, saying it discovered on December 7 that hackers had broken into a company database and made off with approximately 3,800 customer credit card numbers. Guidance’s EnCase software is used by security researchers and law enforcement agencies worldwide. John Colbert, the company’s chief executive officer, said Guidance alerted all of its customers less than two days after discovering the break-in, and that it would no longer store customer credit card data.
Guidance stored customer records in unencrypted databases, and indefinitely retained customers’ “card value verification” (CVV) numbers, the three-digit codes on the back of credit cards that are meant to protect against fraud in online and telephone sales, according to Colbert and the notification letter sent to customers. Merchant guidelines published by both Visa and MasterCard require sellers to encrypt customer credit-card databases. They are also prohibited from retaining CVV numbers for any longer than it takes to verify a given transaction.
[ Source ]

« Prev: :Next »