Geeks.com Suffers Compromise
Continuing with the theme of personal data theft, Geeks.com, a major online retailer, suffered the embarrassment of having their customer potentially compromised by unidentified sources. It has been confirmed that a breach (or series of breaches) took place at the online retailer, but it is not known whether any information had been compromised in the breaches. With the company taking the conservative option and considering the information to have been compromised, they have begun notifying their customers of the issue.
On the surface, this appears much the same as any number of site compromises over the last few years, right down to the loss of sensitive data. However, there is a key difference, which is causing some active discussion amongst security researchers.
It seems that Geeks.com was claimed to be safe through the "Hacker Safe" site scanning and validation toolset, a claim that has been contested by ScanAlert (operators of the Hacker Safe program, and a part of McAfee). Questions have been raised about the effectiveness of such programs, especially when they have chequered histories.
While the points being raised in the linked arguments are valid and accurate, it must be remembered that many of those making these arguments are offering their own competing services. It does not detract from the quality of the argument being put forward, but it does provide a frame of reference.
11 January 2008
Social bookmark this page at eKstreme.
Alternatively, Bookmark or Share via AddThis
Do you like how we cover Information Security news? How about checking out our company services, delivered the same way our news is.
Let our Free OS X Screen Saver deliver the latest security alerts and commentary to your desktop when you're not at your system.
Comments will soon be available for registered users.