E-CommerceALERT.com is part of the Bennett Gold LLP web site network.
LINK TO: Bennett Gold LLP, Chartered Professional Accountants, home page.		 LINK TO: E-CommerceALERT.com Home Page.
CLICK to GO BACK to Main Page.

Research and retrieval of news articles by:
Bennett Gold LLP, Chartered Professional Accountants


SPECIAL NOTE TO ALL VISITORS:
Effective December 31 2012, articles are no longer being updated on this web site.
The site is now maintained as an historical archive, covering notable e-commerce news articles from the period 1999 to 2012.


ONLINE MERCHANT EMAILS CUSTOMER CREDIT CARD DETAILS

Source: The Register

Posted on September 14, 2001

      Dabs.com has booted merchants BuyB4Sold.com off its Dabsxchange auction site after the latter committed a serious security breach involving its customers' credit card details.

      On 7th of September BuyB4Sold.com distributed an email to their customers, who had purchased products from a virtual auction hosted by Dabs, with an Excel attachment containing credit card details of other customers.

      A Register reader informed us that the offending email contained names, addresses, telephone numbers, credit card numbers and credit card expiry dates of customers.

      The 127 people affected by breach, which was the result of human error, have been advised to contact their credit card companies to get cards cancelled.

      Dave Atherton, managing director of Dabs.com, described the actions of BuyB4Sold.com as "sloppy" and although the breach had nothing to do with the security of its auction site it decided it appropriate to sever links with the firm.

      BuyB4Sold.com sells software and games in a similar manner to book clubs making its money from postage and packing charges on software that is sometimes listed as being "free". It is a marketing program run by retail Web site Onehighstreet.com.

      In February, we reported that Onehighstreet.com left customer details in plain view on an insecure Web server, now its security has been called into question again.

      Carl Laidler, concept development direct at Onehighstreet.com, said the security breach was a result of human error. A member of the firm's customer service team emailed a customer spreadsheet out without reference to any accepted procedures.

      That person is the subject of disciplinary proceedings.

      To restore confidence, Onehighstreet.com has withdrawn its online sales activities for between seven and 14 days during which time it is bringing in an external consultant to conduct a security audit.



CLICK to GO BACK to Main Page.

E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Professional Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca

In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes.

ALERT
ARCHIVES
Final Entries
2012
2011
2010
2009
2008
2007
2006
2005
2004
2003
2002
2001
2000
1999


LINK TO: Bennett Gold, Chartered Professional Accountants: A Licensed Provider of WebTrust Services.

WebTrust Is Your
Best Defense
Against
Privacy Breaches.

Get WebTrust
Working For
Your Site.