The U.S. Federal Bureau of Investigation (FBI) confirmed Wednesday that it is investigating a case involving the alleged online exposure of up to 55,000 credit card numbers as a result of hacking into the Web site of Los Angeles-based merchant processing firm Creditcards.com.
“The FBI is looking into the matter, but it’s considered an ongoing investigation and we can’t comment any further,” FBI spokesperson Cheryl Mimura told the E-Commerce Times.
According to published reports, the alleged hacker, identified only as a Russian, apparently stole the database several months ago, and has reportedly been trying to blackmail the company ever since.
Once the numbers in question were posted on the Internet on Monday, the incident became classifiable as a hacking, the FBI told reporters.
Creditcards.com spokesman Laurent Jean told the E-Commerce Times that some news reports Tuesday “misrepresented” and misinterpreted facts and statements that were offered by Jean and a Creditcards.com executive regarding the incident. As a result, Jean said that the company has decided to cease making any additional statements at this time.
According to its Web site, Creditcards.com processes credit card transactions for a number of small businesses. By late Tuesday, none of Creditcards.com’s merchant clients had publicly commented about the possible compromise of their customers’ credit cards.
A representative from one merchant mentioned on the Creditcards.com site told the E-Commerce Times that he was not aware that there had been a hacking incident at Creditcards.com and had no reason to believe his company or clients had been affected.
Still a Threat?
Despite the best efforts of online security companies, a number of high profile hackings have compromised both the finances and confidence of online shoppers in the past year.
Last week, Charles Schwab Corp. said a flaw in its system left open the potential for a hacker to steal individual customers’ stock trading accounts.Just a month earlier another online brokerage firm, E*Trade, indicated a similar weakness in its system had been discovered in September.
In both instances, customers passwords and bank account numbers became vulnerable to hackers.
Earlier this month, the FBI warned e-tailers of “an increase in hacker activity targeting U.S. systems associated with e-commerce and other Internet-hosted sites.”
This Creditcards.com incident is reminiscent of last year’s theft of 300,000 credit card numbers from the Web site of CD Universe. That incident is considered one of the most widespread thefts of credit card data over the Internet to date.
Much like the current case, a hacker attempted to use the credit card theft in an extortion scheme, then posted the credit card numbers on a Web site after CD Universe refused to pay US$100,000.