|Is Your Credit Card Safe?|
With the holidays rapidly approaching, online commerce transaction totals are reaching all-time highs. Are you doing your gift shopping online this year? If so, have you stopped to consider where your credit card information is actually going? Sure, there's that reassuring lock on the bottom of your browser window. That means everything is safe and secure, right?
Not always. That lock icon indicates that your credit card number is being encrypted while in transit over the Internet and decrypted on the other side. The merchant then usually stores your credit card number in an order processing database -- sometimes without appropriate levels of encryption or other security measures.
He wasn't kidding. Users who clicked on the large button in the middle of the screen received detailed information on a randomly selected credit card -- enough to go out and authorize transactions.
In an interview with MSNBC, Maxus claimed to have stolen over 55,000 individual credit card records from the databases of CreditCards.com -- a processor of credit cards for hundreds of e-commerce sites. This isn't the first time, either. Officials suspect that Maxus is a member of a four-person hacking group based in the former Soviet Union.
Unfortunately, the CreditCards.com incident is only the most recent in a string of attacks against online databases. In January 2000, hackers assisted MSNBC reporters in the retrieval of 2,500 credit records from another e-commerce site by exploiting a vulnerability in Microsoft's SQL Server database product. Nine months later, a hacker protesting the high fuel taxes in the United Kingdom defaced 168 corporate websites using the same methods.