Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Erica Absetz (ericariskbasedsecurity.com)
Date: Fri May 03 2013 - 10:00:23 CDT
Back in February, I noted that the FBI had been called in to
investigate a breach involving the Iron Horse Bicycle Classic. A
number of those who signed up for the event had reported credit card
Now lawyers for Iron Horse Bicycle Classic have reported the breach to
the New Hampshire Attorney Generalís Office. Their report provides
some additional details on what the investigators found.
According to the statement, on March 1, IHBC learned that the server
they shared with other companies on an unnamed web host provider had
been attacked, and the attacker had been able to send information from
the server to an unauthorized address on the Internet. Significantly,
the attack may have occurred as early as November 30, 2012.
Although IHBC notified registrants by e-mail on March 14, they first
mailed out letters in the last week of April. The letters informed
them that the attacker may have obtained their names, postal and
e-mail addresses, credit card information, and ages.
IHRB made some changes in how it handles payments, but surprisingly in
light of know fraudulent use of information, did not offer registrants
any free credit monitoring services.
Of course, now Iím also wondering what other companies on the shared
server may also have been hacked or had PII compromised. Iím also
wondering what the unnamed web host provider is doing to prevent or
catch future attacks.
Dataloss Mailing List (datalossdatalossdb.org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list
Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and