|
The Web Hacking Incidents Database
Last update:17 February 2008
List of Incidents for a Classification
Please note that classifications are a new feature and not all entries in WHID are already classified, so when you get a certain number of entries for a classification, WHID might have more records matching that classification that we did not classify yet. We hope to complete the classification process soon.
Select classification:
Attack Method, Country, Location, Origin, Outcome, Software, Vertical Select criteria for classification "Outcome":
Blackmail, Chaos, Deceit, Defacement, Disclosure Only, Downtime, Extortion, Identity Theft, Information Warfare, Leakage of Information, Link Spam, Loss of Sales, Monetary Loss, Phishing, Planting of Malware, Political Defacement, Spam, Worm
List of incidents for which Outcome is Identity Theft
2 incidents listed
Reported: 22 December 2007Occurred: 22 December 2007
Classifications:
- Attack Method: Credential/Session Prediction
- Country: USA
- Outcome: Monetary Loss
- Outcome: Leakage of Information
- Outcome: Identity Theft
- Vertical: Security & Law Enforcement
The Secret Service has arrested at least 6 people in an investigation that involves information theft at an Ohio court web site, which is actively used for identity theft. At least one known identity theft case resulted in $40,000 loss to the victim.
The sensitive information was stolen by manipulating predictable identifier parameters. The stolen information belong to at least 270 people and includes the name, address, age and other information could be used to obtain credit cards and open bank accounts.
References:
Reported: 29 March 2007Occurred: 18 February 2007
Classifications:
- Attack Method: Unknown
- Country: USA
- Outcome: Identity Theft
- Outcome: Monetary Loss
- Outcome: Leakage of Information
- Vertical: Retail
11,500 credit card numbers have been stolen from the web site of Johnny's Selected Seeds a small ($13M in revenue per annum) on line vendor of seeds in Main. 20 of these are known to have been abused. As usual, the hack was discovered because of fraudulent use of stolen credit cards rather than security measures used protect the web site.
The direct cost of the breach, informing customers, researching the incident and upgrading the protection of the web site cost the company tens of thousands of dollars.
References:
This work is licensed under the Creative Commons Attribution License. To view a copy of this license, visit http://creativecommons.org/licenses/by/2.5/ or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA.
|
