Loading ...
Sorry, an error occurred while loading the content.
 

Blessed Bee Inc. Hacked

Expand Messages
  • macanfitheach
    MM and good evening all. Just sending this as a heads up - it is being reported that Blessed Bee Inc., the publisher of Pan Gaia , New Witch , Sage Woman
    Message 1 of 1 , Dec 13, 2003
      MM and good evening all.

      Just sending this as a heads up - it is being reported that
      Blessed Bee Inc., the publisher of "Pan Gaia", "New Witch", "Sage
      Woman" and "The Blessed Bee", was hacked on October 24, 2003.

      On this date, a Pakistani hacker managed to circumvent the
      security of their ISP and penetrated their customer database; the
      hacker subsequently stole credit card information for customers that
      had ordered online since December 1, 2002.

      A message on the Pan Gaia website is indicative of a scramble to
      implement new security measures:

      " NOTICE TO OUR VALUABLE CUSTOMERS ~ Access to our online ordering
      system is currently down due to ongoing upgrades to our security
      systems. For fastest service, please call our toll-free number 888-
      724-3966 or 707-882-2052. If you reach the message machine, leave
      your name, number and a time to reach you and we will call you back
      promptly on our dime. You may also order via mail, send your order
      to: Blessed Bee, Inc., P O Box 641, Point Arena, CA 95468. We
      apologize for any inconvenience and thank you for your support."

      Should anyone be affected by this theft, you may wish to
      contact your credit card company and have a either a new card issued
      or your current card red flagged in order to protect yourself against
      any potential fraud or identity theft.

      As an Information Security Geek, let this serve as a lesson to
      online shoppers and follow my sagely counsel <grin>:

      a. Should you be unsure of what the company does with your
      personal info, don't shop online - mail may take
      longer, but it's better than being a victim of identity
      theft;

      b. if you do choose to shop online, be an informed internet
      citizen - look for indications during the ordering phase
      that allow you to opt out of the company saving your
      information and choose to opt out;

      c. don't be afraid to ask questions - you can probably contact
      the company and inquire about what how they store/protect
      your personal info - they will usually accommodate your
      information requests as they want your business and they
      know that misgivings about a company can spread like
      wildfire on the 'net; and

      d. if you are a dot commie <grin> and have a business presence
      online, never store your customer's information where it
      can be accessed by an internet entity - keep your databases
      separate and isolated from your enterprise server if at all
      possible. And for those of that may have doubts, using a
      VPN to access or network the databases and enterprise server
      is not a guarantee that you won't be compromised.
      you are secure.

      Anyhoo, thus concludes my information security rant for the
      evening... :-)

      Cheers all,

      Ted

      Ted Mac Daibhidh
      Vice President
      Whitehats.ca Information Systems Security
      Intrusion Detection Specialist

      E-mail: ubergeek(at)whitehats.ca
      URI: http://www.whitehats.ca/main/members/Ubergeek/
    Your message has been successfully submitted and would be delivered to recipients shortly.