CNN.com has a story up about AOL being hacked. Not exactly the first time this has happened, but the methods are interesting, at least.
An AOL spokesman claims that "We have already taken security measures to prevent this from happening again. . . ." Those measures might involve whipping and beating AOL Customer Service reps, since the hackers' ploy depended on some... unwise choices by those reps.
The hackers gained access by e-mailing a Trojan horse program to the AOL employees. The hackers seem to have specifically targeted those employees who had access to AOL's subscriber database. Those reps who ran the program opened up their systems to the hackers, which in turn (theoretically at least) opened up AOL's Customer Relations Information System. Among other things, the CRIS contains credit card data.
AOL has admitted that at least 500 screen names (user accounts) seem to have been hacked, and they also admit that credit card data may have been compromised in the attack. The Washington Post apparently found at least one person who confirmed that their credit card data had been stolen.
At some level, AOL should be proud; you know you've hit the big time when hackers write a Trojan horse program specifically for your company. Of course, I doubt that AOL sees it that way...
|Steam's 2017 Summer Sale is downright hot||5|
|Asus XG-C100C NIC breaks the gigabit barrier||12|
|Stuff a terabyte of RAM in Gigabyte's MZ31-AR0 Epyc motherboard||17|
|National HVAC Tech/Onion Ring Day Shortbread||16|
|Imagination Technologies hangs a "for sale" sign in its window||19|
|Vulkan is about to erupt in CryEngine 5.4||0|
|Mionix's new RGB LED keyboard lights the Wei forward||5|
|ThinkPad lineup will get a retro model for its 25th anniversary||22|
|Netgear readies the Nighthawk X6S for take-off||23|