Company says extortion try exposes thousands of card numbers says it was the victim of an extortion attempt by a man accused of hacking into its site and exposing more than 55,000 credit card numbers. was the victim of an extortion attempt by a man accused of hacking into its site and exposing more than 55,000 credit card numbers, the company said Tuesday.

Click here to Play

Hackers expose credit card numbers
Chris Rouland, Internet Security Systems
The company is working with the FBI on the case, said Laurent Jean, a spokesman for Los Angeles-based

"It was an act of retribution," Jean said. "He was angry with us and this was the way he took out his anger?After (he asked) us for money, we did everything we could to prevent him from entering our system."

The suspect hacked into the site and exposed the numbers on the Internet sometime Monday, Jean said. They were still up early Tuesday.

Matt McLaughlin, spokesman for the FBI's Los Angeles field office, confirmed that agents from the bureau's "Cyber Squad" are looking into the case.

Privately held is a business-to-business site that works with Web merchants so they can accept credit card payments. According to the company's Web site, its customers include software maker iKnowledge and health site Premier Solutions.

The year has seen several high-profile security breaches at e-commerce sites. In September, human error caused a glitch that allowed a hacker to copy the credit card information of about 15,700 customers from Western Union's Web site.

Hackers broke into CD Universe's database in January and posted links to thousands of customer names, addresses and credit card numbers after not being able to extort money from the online music store.

Though studies have shown that hacker attacks have caused some consumers to shy away from online shopping, hacking is much more of a threat to companies, IDC analyst Charles Kolodgy said.

"It's a pain for the credit card companies who must cancel thousands of cards and potentially reimburse bogus charges," Kolodgy said. However, for the individual cardholder, the breach is a mere nuisance, he said.

Security breaches like the one at are an indication of where the real security problems are, Kolodgy said: in companies' back-end databases. While there is a certain risk that credit cards sent over the Internet can be intercepted, databases contain huge amounts of personal information that comes from all types of transactions, not just from consumer Internet purchases, he said.

Chris Rouland, head of Internet Security Systems' security group, said the breach is inconvenient for consumers, expensive for credit card companies and potentially terminal for

"Their credibility is gone," Rouland said. "Their whole business had to be around providing a secure service, which they weren't able to do. For this to occur during the holiday shopping season, it will certainly be an issue."

Issuing new credit cards costs about $10 to $20 apiece, Rouland said, meaning that this particular problem could potentially cost credit card companies as much as $1 million to fix.

In the history of publicly known computer security breaches, this one probably ranks in the top 100, Rouland said. ISS, a security consulting company, encounters roughly one extortion attempt a month in its security consulting business, he said.

Featured Video
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

Roku 4: Our favorite TV streaming system gets 4K video and a remote locator

Ever lose your remote in the couch cushions? Ever wish you could stream 4K Netflix without having to use your TV's built-in app? Roku's new high-end player, the $129 Roku 4, brings these new extras to its best-in-class streaming ecosystem.

by David Katzmaier