I received the following email this morning (appropriately cleansed):

>> Dear Simon Gales
>>
>> I hate to inform you that your account
>> has been hacked on webcertificate.com and
>> ecount.com. These sites have very weak
>> security protection system and the database
>> with credit cards and other personal information
>> is not protected at all. Your personal details:
>>
>> 123 Spartacus lane
>> Cary IL 23456 US
>>
>> Your credit card information:
>>
>> 1111111111111111
>> expiration time: 10/11/12 1:23:45 PM
>>
>> We offered them our help many times. But top
>> management of webcertificate.com and ecount.com
>> don't care about their customers - you. They
>> care only about their money.
>>
>> zilterio
>> www.zilterio.com
>>

I've notified privacywebcertificate.com and VISA, and am awaiting their
response.

Since they've apparently already been informed (albeit in a questionable
manner) and customer information already disclosed, I felt it appropriate to
forward this on to BugTraq.

Related: http://www.ecommercetimes.com/perl/story/13147.html

Administrivia - the FAQ link sent in the WELCOME email after subscribing to
BugTraq is incorrect (http://www.securityfocus.com/forums/bugtraq/faq.html)
and yields a 404 error. Also, the address for submitting email to the
BugTraq mailing list could be made a little clearer in that Welcome email.

-Simon

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]