31 October 2010
Hobby Search security breach
Last week Hobby Search online hobby store has announced that it has suffered a hacker (or cracker) attack. A notice has been posted on the website along with an FAQ.
According to Hobby Search the attackers have managed to find a security hole within the system and exploited it, having gained access to the the computer system and accessed customer data, including credit card informations. The attack was discovered early this month and authorities have been contacted regarding this issue.
The credit cards affected by this attack are "those used in unshipped orders and orders shipped within one year, prior to July 7, 2010".
To be more specfic it means those cards that are used on or after 7th July 2009 or used before 7th July 2009 but shipped on a later date (or did not ship) were affected. Cards whose last order & shipment were over a year ago have their information deleted from the database and therefore not affected.
Meanwhile payments by credit cards have been suspended indefinitely. Paypal is now the only viable way of payment as a result of this event.
Customers who are affected should have received an email from Hobby Search by now. I know some of the fellow bloggers I know have received one too. People who are affected or think they are affected should contact their credit card companies about it as mentioned by Hobby Search's FAQ. While I haven't received one since my one and only order was way back in 2007, I would keep my eyes peeled just in case.
The attack at Hobby Search sure comes as a nasty surprise for the company itself, as well as its customers. Even though they have contacted authorities and tried their best to rectify the problems, it would sure severe some trusts with a number of online customers.
I don't buy much things from online stores nowadays as I have access to local shops in Hong Kong for most of the things I want, and there is no shipments and shipping fees to worry about. Anyone got affected by this? If so what are your opinions about it?