Jewish World Review March 8, 2001 / 13 Adar, 5761
http://www.jewishworldreview.com -- A Web site that helps people locate hard-to-find and out-of-print books will stop allowing customers to make payments on the site after customer credit-card numbers and other personal information were stolen during a hack attack.
Waltham, Mass.-based Bibliofind.com discovered the security breach in late February after its site was defaced. At the time, the company discovered that someone had been accessing files from its server and downloading compressed data since October, said Jim Courtovich, a company spokesman.
Bibliofind, which was acquired by Amazon.com in 1999, said information provided by 98,000 customers was affected. The company won't reveal how many customers it has for competitive reasons.
Finally, last Friday, the company took its server offline and purged customer addresses, phone numbers and credit-card information. The server was put back online this week, when the company also e-mailed customers informing them of the breach.
"From here on in, customers will arrange for payment directly with the sellers," Courtovich said.
Although the company said there is no evidence that the information has been misused, credit-card companies and the FBI have been notified.
Courtovich wouldn't reveal details about how the hack happened and who might be responsible.
Amazon customers were unaffected by the Bibliofind intrusion, according to Amazon spokeswoman Patty Smith. "At no point were Amazon's systems in jeopardy," she said. "They run on different operating platforms and don't communicate or share information with each other in any way."
Bibliofind is the latest company to discover that hackers have accessed data on its servers. In November, Microsoft was hit by three hacks in less than two weeks, including a monthlong intrusion by someone using valid credentials to sneak around the network.
More recent hacks include: exposed data of 3,700 customers at
Columbia House's Web site last month, compromised personal data
of more than 50,000 Travelocity.com customers in January and
compromised data from Egghead.com's 3.7 million users in
ElinorAbreu writes for The Industry Standard. Comment by clicking here.