WHT CC Info Leaked!
Eclouds
April 7th, 2009, 15:01
This was posted at webhostingboard by Mike Denney.
Hello,
WebHostingTalk.com has been compromised once again but this time the Credit Card details portion of their database was compromised and is now circling the internet as "WHT_XXXX_XXXXXXX_XX.rar". This file contains *thousands* of credit cards with complete details including Credit Card Number, CVV2 Number, Full Name, Bank Name, as well as some other details.
If you have *ever* entered your credit card information at WebHostingTalk be it for a Premium Membership or any other reason you need to contact your bank IMMEDIATELY and cancel the card and be issued a new one. I would also advise you to let your bank know what has happened so that if you need to fight some fraudulent charges your bank will know what is going on.
Keep in mind I am not trying to damage WHT any further by posting this, it seems that this information is being kept "hush hush" when those affected need to be notified so they can pro-actively protect themselves against fraud.
Please - direct anybody you know that may have used their Credit Card at webhostingtalk.com to this thread and feel free to update this thread with pertinent *verifiable* information.
Thank you.
Dynash
April 7th, 2009, 15:05
... so they got hacked again?
SC-Jon
April 7th, 2009, 15:16
... so they got hacked again?
No, according to WHT..
This morning, the hacker who attacked WHT initiated further communication. He provided evidence that credit card information on one of our database servers was, in fact, compromised on March 21st.
Dynash
April 7th, 2009, 15:57
Didn't they say CC info was on another server? I can't remember the details, but I know if I got hacked I'd expect the hacker to go for CC information first. Post/threads and deletion of backups is meaningless, just causes headache and mayhem with no real self gain.
[JSH]John
April 7th, 2009, 16:24
It's just getting worse it seems. Hopefully they get it all sorted out soon.
Another update from iNet Interactive:
UPDATE: 4:24pm est
We have contacted all major credit card companies and are awaiting their guidance. It should be noted that card holders will not be held liable for any fraudulent purchase made using their credit card.
cobrastrike
April 7th, 2009, 16:31
Only time will tell what happens.
All I can say is that drastic changes in security need to be made, and that everyone should use this as a prime example of poor security practices.
Jan
April 7th, 2009, 16:47
and that everyone should use this as a prime example of poor security practices.
Indeed and some self professed "experts" in the field are taking another look at their own.
Schmarvin
April 7th, 2009, 17:14
I thought Rackspace had them covered?
Also, why did they contact the credit card companies? Was it due to them storing personal credentials on their servers?
Dynash
April 7th, 2009, 17:33
I thought Rackspace had them covered?
Also, why did they contact the credit card companies? Was it due to them storing personal credentials on their servers?
It was backup servers that got hacked.
Schmarvin
April 7th, 2009, 18:01
Even so, back to my question. Why did they contact the credit card companies? All CC information is temporarily stored, right?
cobrastrike
April 7th, 2009, 18:08
They had transactions from as far back as 2007 stored which were not encrypted. This led to many CC #'s being released.
stuffradio
April 7th, 2009, 18:36
Everyone knows it's bad practice to store cc numbers...
cobrastrike
April 7th, 2009, 18:40
Even if you decide to store them, they should at least be encrypted.
Failing to encrypt and storing them leads to issues such as this.
Dynash
April 7th, 2009, 19:01
If I remember again, they posted once before that CC info wasn't taken and was safe, along with it being encrypted? Unless I'm just pulling this from thin air. I'm sure it's somewhere in the first thread of WHT downtime.
cobrastrike
April 7th, 2009, 19:06
It was the user table that was released right after the hacking occurred. It was not until today that the credit card information was released which was not encrypted. The user table did have weakly encrypted passwords.
stuffradio
April 7th, 2009, 19:30
There is some sort of industry standard encryption you have to use if you store cc numbers, I'm not sure if you have to pay anything as well...
Richard
April 7th, 2009, 19:39
Well stuff - WHT did not use any sort of encryption, not even the bog standard one that you're meant to use by law.
I can see quite a few lawsuits coming out of this problem.
WHT has been arrogant for quite a time, and now, the tables are turning. They cut corners, and it's biting them on the ---.
XFH-Jay
April 7th, 2009, 20:47
Their site shows that the CCs are from a while ago though.. the new orders are safe. It seems that they just didn't delete the CC #'s from a long time ago, which they should've done a long time ago...
cobrastrike
April 7th, 2009, 21:07
You misread. New memberships are protected, but new sticky thread advertisement costs are not. Also, most CCs have at least a 3 year activation span which makes about 80% still active.
sellwhm
April 7th, 2009, 22:03
New premium memberships use paypal as far as I can remember and paypal should be used for all future transactions from now on. The company needs to keep the paypal password away from any server that they use. Instead of checking the security of the server(s), they need to reload the OS of all of the servers just in case the hackers have access to the servers right as of now. How do they know if an employee isn't working with a hacker etc.?
Schmarvin
April 7th, 2009, 22:40
Even if they are old CC #s....it is illegal in the US to store CC credentials. You may keep a temporary session for authentication, but you are certainly not allowed to store permanently.
ganesh.rao
April 7th, 2009, 23:36
Even if they are old CC #s....it is illegal in the US to store CC credentials. You may keep a temporary session for authentication, but you are certainly not allowed to store permanently.
You are allowed to store the info (what does PayPal do then?) but it has to pass a few encryption standards (again, not set by the law per se) set by the card issuing companies like Visa, MasterCard, etc.
I'm pretty sure that iNet will lose its contract with its credit card processor and perhaps be denied by every new processor they attempt to deal with.
Jan
April 8th, 2009, 01:10
Well stuff - WHT did not use any sort of encryption, not even the bog standard one that you're meant to use by law.
I can see quite a few lawsuits coming out of this problem.
WHT has been arrogant for quite a time, and now, the tables are turning. They cut corners, and it's biting them on the ---.
This is absolutely nothing to do with the forum.
AdamJ
April 8th, 2009, 02:09
As much as I think the community is full of stuffed up hosts who all they care about is getting good reviews and spamming the place with their boring adverts, I do feel sorry for the staff and techies on WHT who have to suffer this kind of thing. But they could've at least encrypted things surely, or maybe stored the information offline?
Ben
April 8th, 2009, 04:31
Is it wrong that this makes me laugh?
JasonS
April 8th, 2009, 04:33
Is it wrong that this makes me laugh?
Nope.
You can laugh, like most of us. The industry's biggest forum community is not as safe as FWS, lmao.
Richard
April 8th, 2009, 06:05
This is absolutely nothing to do with the forum.
I guess not - I mean, it's not as if it was credit cards used on their site that got leaked.
... oh wait
Webdude
April 8th, 2009, 17:31
The industry's biggest forum community is not as safe as FWS, lmao.
And the evidence of that would be .... ?
Just because nobody has bothered to hack FWS doesn't mean it's more secure.
Dynash
April 8th, 2009, 17:32
It was hacked. Recoil.
Patrick
April 8th, 2009, 17:33
Wow, I was considering buying a premium membership but I'm glad now that I didn't...
Tracker
April 8th, 2009, 17:45
Even still FWS uses paypal [correct me if I am wrong] so it's still safer!
Peo
April 9th, 2009, 01:44
That's correct Tracker, we don't have any credit card info here. Advertisers pay with Paypal or in some cases bank wire transfer.
Hi Webdude! :wave:
GlennBeforeTime
April 9th, 2009, 02:10
God damn. You'd have to be a real retard to hack a hosting comparison website like WHT.
Ben
April 9th, 2009, 02:48
And the evidence of that would be .... ?
Just because nobody has bothered to hack FWS doesn't mean it's more secure.
He returns!
Webdude
April 9th, 2009, 16:51
He returns!
Yeah cuz you woke me up. Don't rub the lamp anymore..
iNETTeam
April 9th, 2009, 17:14
Hi Everyone,
I'm from the Web Hosting Talk/iNET Interactive team and wanted to let all of you know the best place to get updates on the current events happening at Web Hosting Talk. We're working hard to resolve current issues and want to make sure everyone is informed of the latest updates and happenings.
To get the latest information and updates, visit the following threads at Web Hosting Talk:
http://www.webhostingtalk.com/announcement.php?f=31&a=134
http://www.webhostingtalk.com/showthread.php?t=852943
Thanks!