CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
October 3rd, 2008

Gloria Jeans Coffee Website, gloriajeans.com, Hacked, Atleast 511 Customers Credit Crads Details Stolen

Earlier this month, gloriajeans.com website was the subject of an attack that allowed an unknown person or persons to obtain the addresses and credit card numbers of 511 of the customers as they were placing orders on the site. According to New Hampshire State Attorney General, Gloria Jeans Coffee (Gloria Jean’s) recently experienced a data security breach in its e-commerce site hosted by Smith Micro, Inc.

The personal information affected may include customer names, addresses, telephone numbers, emails, and credit card information. Gloria Jean’s has not determined that any fraudulent credit card transaction has occurred as a result of this incident. Since Social Security Numbers or other financial account information is not collected, the attacker accessed only credit card numbers, names and addresses.

A full analysis of the e-commerce server files revealed on September 4th, 2008 an individual initiated modifications to checkout web pages from a shared IP address located in the United States. On September 10, 2008, the intrusion was identified and it was clear that the modifications were able to access and screen capture the personal transaction information and dump the information to an external server and log file. The encrypted database was not exposed to this intrusion.

Once discovered, Gloria Jean’s immediately took its website off line and confirmed that there was no malicious or unauthorized code included as part of its website before returning the site was returned to service. They also contacted the server host of the intruder’s log file with consumer information to have the IP address disabled and inaccessible. The incident was reported to the United States Secret Service Electronics Crimes Task Force (ECTF) and a notice was sent to affected customers by U.S. First Class mail and email.

Gloria Jean’s investigation of this incident is ongoing in cooperation with its initial report and provision of materials to a representative from the ECTF.

Email, Bookmark or Share:
  • E-mail this story to a friend!
  • Digg
  • del.icio.us
  • StumbleUpon
  • Reddit
  • Technorati
  • Slashdot
  • Propeller
  • Google
  • Live
  • YahooMyWeb
  • TwitThis
  • Facebook
  • LinkedIn

More on CyberInsecure:
  • Cotton Traders Clothing Firm Customers Credit Card Details Stolen From Hacked Website
  • Personal Information Sent To An Analysis Firm Stolen From State Street Corporation
  • Jobs.ie Hacked And Customers CV Data Stolen
  • 34000 Of Customers Bank Details On Stolen Boots Backup Tape
  • HSBC Banking Group Lost 370,000 Customers Details

    • Posted in Breaches And Incidents, Data Theft, Hacked, Privacy | Print This Post Print This Post

    This entry was posted on Friday, October 3rd, 2008 at 2:49 pm and is filed under Breaches And Incidents, Data Theft, Hacked, Privacy. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Gloria Jeans Coffee Website, gloriajeans.com, Hacked, Atleast 511 Customers Credit Crads Details Stolen

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.

    « « Hackers Use Neosploit To Infect Around 80,000 Sites, Including BBC And US Postal Service
    Google Trends Labs Abused By Cybercriminals To Spread Malware » »