Slashdot Mirror

← Back to Stories (view on slashdot.org)

Caveat Emptor: Egghead.com Credit Records Nabbed

Posted by ryuzaki0 on from the hot-water-10-min.-for-hard-3-soft dept.

Voorshwa and at least a dozen others wrote with this news: "Found this one over on ZDNet.com news. Turns out the security over at Egghead wasn't very good. Losing 3.1 million credit card numbers has got to put a damper on a lot of Christmas cheer!! Wish these big companies would learn a little ..." No yoke. It's too bad that this kind of theft will probably scare people away from online purchases even when it's a database that's cracked rather than their transactions. Reader insmod points to coverage at MSNBC as well which mentions that Egghead was not the only site hit this holiday season.

2 of 164 comments (clear)

  1. This cries out for one-time use credit card number by alecto · · Score: 5

    This incident underscores the usefulness of one-time credit card numbers, such as those provided by American Express' Private Payments service. This service allows the cardholder to generate an account number for each transaction. So if that number is stolen from a merchant's database later, it's useless. This also comes in handy for preventing unauthorized billings from the same merchant later on.

  2. Comment removed by account_deleted · · Score: 5

    Comment removed based on user account deletion