Hackers May Have Nabbed 50,000 Credit Cards' Data By Dick Kelsey, Newsbytes

SAN CARLOS, CALIFORNIA, U.S.A.,

11 Feb 2000, 5:37 PM CST

A security breach at Internet keyword searcher RealNames Inc., may have snatched credit card data from 50,000 customers, the company said today.

"We could not determine whether the hacker had been successful but we could see that an attempt was made," RealNames Founder and Chief Executive Officer Keith W. Teare told Newsbytes this afternoon. "But to be prudent, we had to assume that they had been successful."

An intruder took over 60,000 keywords and redirected users to a Web site in China, 188.net, Teare said, a problem that was fixed within minutes of the time it was first noticed, about 3:30 p.m. PST. The only way to accomplish the prank - if that's what it was - would be to penetrate the firewall and gain access to the data center, where credit card numbers and other customer information is stored.

"In conducting an investigation we determined that they had attempted to gain access to our customer records, including credit card information," Teare said.

The site was shut down and the company went to work informing all 50,000 customers what had happened, warning them that credit card information could have been compromised and telling them that their passwords were being changed. The compromised credit card numbers are being monitored, but so far no unauthorized purchases have been reported, he said.

Why would hackers want to mess with RealNames?

"My guess," Teare said, "is that (it is because) RealNames is an important part of the Internet infrastructure. We're the only service provider for keyword technology." He said the initial fear was that the RealNames intrusion was part of the denial of service attacks that struck Yahoo, eBay and other major sites this week. RealNames is up and running again.

RealNames hired Internet Security Systems to perform a full site audit and install additional anti-hacking measures. The FBI was contacted to conduct an investigation, Teare said.

Source: Newsbytes, http://www.newsbytes.com/pubNews/00/143782.html

-- Lee Maloney (leemaloney@hotmail.com), February 12, 2000

Answers

Until business and consumers realize that up to 70% of firewalls are misconfigured, we'll see this kind of thing for a loooonnnnggg time to come. Here's another take on the same story. ________________________

RealNames falls victim to hackers Credit card records may have been accessed

By Bambi Francisco, CBS MarketWatch Last Update: 2:45 PM ET Feb 11, 2000 NewsWatch

SAN FRANCISCO (CBS.MW) -- RealNames, an Internet company set to go public in the near future, said Friday it's fallen "victim" to a hacker intrusion in which customers' credit card information may have been stolen.

Today on CBS MarketWatch Stocks slip into the red Dell profit matches reduced estimates IPOs: Pets.com trading on a leash NatWest admits defeat Dell shares slip More top stories... CBS MarketWatch Columns Updated: 02/11/2000 2:07:16 PM ET The San Carlos, Calif.-based company (name) confirmed that sent e- mails to its customers Friday morning to alert them to the situation..

While not considered a so-called denial-of-service attack that has plagued major sites like Yahoo (yhoo), EBay (ebay) and Amazon.com (amzn), the news at RealNames serves to heighten Net security awareness, especially when it could involve theft or fraud.

This breach of security issue is a far greater concern because credit card information may be on the loose.

"We cannot determine at this time what the hacker had access to," RealNames Chief Executive Keith Teare told CBS.MarketWatch.com. "We've assumed the worst, and contacted all our credit card partners to advise them of the security breach."

Getting behind the firewall

Teare said that the company had the appropriate "state-of-the-art" security measures to safeguard its system. The company uses VeriSign's (vrsn) certificates and Check Point Software's (chkp) industry standard firewall protection.

"The system that was penetrated was outside the firewall," Teare added. "Then the hacker found a way to get behind the firewall."

Teare said ISS Group (issx), another Internet security firm, is "running a status check" on the RealNames' systems. RealNames has also installed a back-up firewall system provided by Check Point Software.

Timing of events

The timing of the disruptive events may be a coincidence or may be related to this week's attacks on the popular Web sites. "It's conceivable, given the timing, that these denial-of-service attacks and this incident are related," said Teare.

In any case, the crisis throws an especially undesirable hurdle in front of a company that just filed last October to go public in an offering that would raise $81 million. "I'd run naked on Market Street before I'd want this," Teare said.

No formal date has been set yet for the offering, which is to be led by Morgan Stanley. http://aol.marketwatch.com/source/blq/aol/archive/20000211/news/curren t/name.asp

-- Jen Bunker (jen@bunkergroup.com), February 12, 2000.

That's right, Jen. These minor attacks will force us to tighten up internet security and develop better safeguards.

Companie$ like this are willing to help....

Security-Software Firms' Shares Rise

By Sandra Sugawara, Washington Post Staff Writer Friday, February 11, 2000; Page E10

.... Shares of Check Point Software Technologies Ltd. and other makers of security software surged for a second day yesterday. And they have this week's hacker attacks against major Web sites to thank....

http://www.washingtonpost.com/wp- srv/business/feed/a39622-2000feb11.htm

-- Lee Maloney (leemaloney@hotmail.com), February 12, 2000.

Agree, Lee.

Seem$ that a great opportunity right now is in the firewall configuration busine$$. Even when an organization does get the firewall configured correctly, many administrators are just too lazy to keep up with the patches and upgrades, therefore degrading security all over again.

And around and around we go.

-- Jen Bunker (jen@bunkergroup.com), February 12, 2000.

Noting from the initial article posted on this thread: "Why would hackers want to mess with RealNames? ... it is because ... We're the only service provider for keyword technology."

Our self-organizing web-culture apparently still needs to learn an essential principle from living systems: redundancy is critical to sustainability. Single-sourcing any capability in a complex system creates risks which are asking for trouble.

The smartest thing RealNames could do, imo, would be to encourage competition, to ensure redundant capability and thus the sustainability of the systems they serve.

-- Jan Nickerson (JaNickrson@aol.com), February 14, 2000.