[Zope] Re: [ZCommerce] Secure storage of credit card info

Andrew Kenneth Milton akm@mail.theinternet.com.au
Fri, 30 Jun 2000 12:20:04 +1000 (EST)


+----[ Curtis Maloney ]---------------------------------------------
| On Fri, 30 Jun 2000, Andrew Kenneth Milton wrote:
| > Just to make those people who think "It will never happen to me" think
| > twice, the Australian Government Treasury site was hacked and lots of
| > banking details about lots of small businesses was released.
| >
| > The Australian Treasury was very happy with their security too. Until
| > yesterday.
| 
| Whilst I agree that "It will never happen to me" is a stupid stance, the ATO 
| web site was not 'hacked'.  As an example, the Federal Police and the 
| government are NOT doing anything to the person.

Last night I heard they were still looking for him. Of course ringing
JJJ first wasn't exactly a smart idea.

| What happened was somebody noticed that a number in the URL for a page of 
| their details matched their ID number, and tried some others.  Upon finding 
| they worked, he wrote a script to try numbers, munge the page, and e-mail 
| people their details.

And the site is down 'indefinitely'.

-- 
Totally Holistic Enterprises Internet|  P:+61 7 3870 0066   | Andrew Milton
The Internet (Aust) Pty Ltd          |  F:+61 7 3870 4477   | 
ACN: 082 081 472                     |  M:+61 416 022 411   | Carpe Daemon
PO Box 837 Indooroopilly QLD 4068    |akm@theinternet.com.au|