OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
[Dataloss] VA: Voxant Breach

From: d2d (d2dattrition.org)
Date: Wed Sep 12 2007 - 18:38:14 CDT


Courtesy the Granite State (http://doj.nh.gov/consumer/pdf/Voxant.pdf)

The Voxant online ecommerce store server was hacked on or about June 20,
2007 using what appeared to be a typical phishing scheme. The server is
seperate from our primary business at www.voxant.com. We immediately took
the affected server offline, removed the offending phising pages, ...

...encrypted credit card numbers could have been accessed in our ecommerce
system during the original incident. Although the credit card numbers
were encrypted, we found that the encryption key was not well protected...

...Data in our database up through June 19-20 could have been affected,
representing approximately 4,500 US customers...

_______________________________________________
Dataloss Mailing List (datalossattrition.org)
http://attrition.org/dataloss

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml