[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: your mail
On Mon, 1 Sep 1997, bureau42 Anonymous Remailer wrote:
> Rabid Wombat wrote:
> > On Mon, 1 Sep 1997, Anonymous wrote:
> > > "Smak" delivered an encrypted CD containing over 100,000 stolen
> > > credit card numbers. After the validity of the credit card information
> > > was confirmed through decryption of the data on the CD, "Smak" was
> > > taken into custody by the FBI.
> > >
> > > And the 100,000 people were immediately notified that their credit
> > > cards had been compromised? I fucking doubt it. Better to screw over
> > > 100,000 citizen-units than expose the incompetence of a few companies
> > > and the government's fight against strong encryption and computer
> > > security.
> > I was recently notified by a bank that issued one of my credit cards that
> > my card number had been sold, along with thousands of other account
> > numbers, to an undercover FBI agent. The bank canceled my account, opened
> > a new one, and overnighted a replacement card. No big deal, and no loss
> > to me.
> > OTOH, it *might* have been in response to a different incident. Keep
> > those paranoid rants coming.
> Why don't you tell us the name of the company that has such lousy
> computer security that your credit was placed in jepoardy, so that we
> can decide if we want to avoid doing business with them?
Based on what I've seen so far, the account numbers were more likely to
have been obtained from the databases of merchants than from banks. If
the bank was cracked, there would have been many more card numbers from
one bank on the CD, rather than a distribution of account numbers issued
by many institutions. I doubt that someone managed to crack a dozens of
banks, and then took only a few thousand numbers from each. It is more
likely that "widgets R us" was compromised, resulting in a few thousand
accounts from each of the major banks.
I suppose I could look back over a few year's worth of statements, and
tell you where *not* to shop, but I'd be listing all merchants I'd done
business with as being equally guilty, when it is very likely that only
one was compromised.
My guess is that Smak had inside access to a particular merchant's
system, but I've been wrong before.