X

E-commerce site breached by credit card thieves

Computer hackers strike again, giving an e-commerce site cause to notify its customers about potentially stolen credit card numbers.

John Borland Staff Writer, CNET News.com
John Borland
covers the intersection of digital entertainment and broadband.
See full bio
John Borland
2 min read
Computer hackers have struck again, prompting an e-commerce site to notify customers that some of their credit card numbers had been stolen and posted on the Web.

The site, called SalesGate.com, is the latest example of an online business being hit by a security breach. The attacks are raising concern among consumers, industry executives and law-enforcement authorities. About 2,000 records were taken at SalesGate, including credit card numbers and other personal information, Chris Keller, one of SalesGate's founders, told CNET News.com.

"We regretfully inform you that SalesGate has suffered a security breach in our customer database," the company said in a memo to customers. "Among the data accessed illegally from our system and posted to the Internet are credit card numbers of some of our customers.

"We have been working closely with the Secret Service in the United States to catch the hacker responsible for the breaking into our system."

SalesGate, owned by Buffalo, N.Y.-based Internet Management Services, is a marketplace where small businesses come to sell their products and services in a central location. SalesGate guarantees the security of transactions and has a message posted on its Web site promising to refund any charges linked to cards stolen from the site.

The news comes as Internet security concerns have risen to a new high, following high-profile attacks last month that successfully shut down Yahoo, eBay, Amazon.com and other Web giants.

As yet, it appears that no personal information was stolen in that round of attacks, the companies have said.

More immediately dangerous has been a string of actual intrusions and thefts of credit card numbers, however.

A computer thief going by the name "Maxus" apparently stole close to 350,000 credit card numbers from online music store CD Universe early this year, posted the numbers online, and attempted to extort $100,000 from the company. The online store contacted the FBI, which shut down the Web site.

SalesGate has notified all the customers who were affected, and has canceled the cards directly with the credit card companies. Nevertheless, its email warned customers to be on the lookout for unauthorized purchases charged to "SalesGate" or "Internet Management Services."

The SalesGate theft is likely linked to a string of other recent online break-ins and credit card thefts, sources close to the investigation said.