Originally published on January 20, 2000 and brought to you today as a time capsule.
Consumer fears of online credit card security were reinforced this week, as hackers infiltrated the credit card database of health products supplier Global Health Trax, Inc.
On Monday, the company’s old Web site became vulnerable to the hackers, who gained access to home phone numbers, bank account numbers, and credit card account numbers of several hundred distributors. The site has been unused for more than a year.
This incident comes on the heels of what is generally considered to be the largest Internet heist to date, when a hacker stole credit card details from Connecticut-based CDUniverse earlier this month.
In that case, the perpetrator posted stolen credit card information on the Internet after failing to extort money from the company. The credit card information was also sold by the thieves, who later used e-commerce software to bill non-existent purchases to several of the accounts.
In the Global Health Trax incident, the breach is believed to be an act of sabotage, and a former employee is suspecting of having intentionally placed the information on a non-secure part of the server.
The new report about Global Health Trax renders another blow to consumer confidence in the safety of shopping online by reminding us that internal security breaches by current or former employees can be as serious as external breaches.
“When someone hacks a site, it raises a lot of questions to the consumer,” said Chris Merritt, of Atlanta, Georgia-based Kurt Salmon Associates. “They are thinking, ‘You told me that you have a secure site, but how do I really know if it is secure?'”
In the case of Global Health Trax, the system is set up for distributors of the company’s dietary supplements to access its site, and enter credit card numbers on an order form that is e-mailed to the company.
While this latest heist may have been the result of a deliberate move on the part of one individual with inside access, the CDUniverse event was reportedly the direct result of a flaw in the company’s security software.
According to consulting and auditing firm Ernst & Young, the number of U.S. consumers who shopped online in 1999 more than doubled compared to a year ago. The report says that 39 million U.S. consumers used the Internet to shop, compared to 8.3 million Europeans.
The study reported that U.S. consumers made an average of 13 purchases online in 1999, and spent $1,205, while in 1998, U.S. shoppers averaged six purchases and spent $280.
The study projects that sales will nearly double this year to at least $45 billion.