AOL Customer Data Is Being Hacked Up and Spit Out!
Written: Jul 06 '00 (Updated Jul 31 '00)
|
Product Rating:
|
|
|
Pros: Bigger than Texas!
Cons: Not as friendly as Texas!
|
|
|
| Schinjay's Full Review: AOL (America Online) |
While You Were Sleeping
Your AOL Data Got Hacked Up and Spit Out
Remember all that talk about Luv Bugs and the end-of-the-world a few months ago? Remember how any sane, halfway educated person learned not to open suspicious e-mail attachments that might wreak havoc on your computer?
Well, a funny thing happened about 3:30am one night a couple of weeks ago. An ignorant AOL late night staffer stupidly downloaded and opened a trojan horse e-mail package that has been running amuck within AOL’s internal servers ever since.
The virus has made it possible for sensitive customer data and credit card information to be transmitted, via the Internet, home to any number of high and low level hackers. And nobody at AOL knows how to stop it. Car 54, where are you?
AOL indeed had firewall and anti-virus protection in place at the time, but the method of attack was able to bypass their security and work within the system and do some level of damage before system alarms sounded.
According to reports posted at observers.net, a favorite Internet site of current and former AOL employees, the Trojan horse program released from within AOL systems transmitted data on several hundred users back to the sender. Apparently, it began sifting through account information in a very organized alphabetical order, and as far as anyone knows, it still is. It is possible that thousands of customer credit card numbers have been compromised to date.
Mr. Rich D’Amato, an AOL spokesperson, voiced his frustration with the situation, saying “We spend a great deal of time messaging our employees and our members that they need to take care in not downloading attachments that come from senders unexpectedly.”
Mr. D’Amato did not dispute observer.net claims that because AOL servers thought the database access was being gained “internally”, security alerts were not sounded right away. AOL has made moves to reset their security preferences so that all database requests are challenged for proper ID.
Outside security experts opined that it was AOL’s lax security on internal desktop systems that allowed the situation to escalate to its present state. The hackers targeted AOL employees with access to the AOL Internal Customer Information Record System (CRIS). This system allows users access to AOL databases that hold customer information, credit card numbers and passwords. Doubtless to say, theft of this information can certainly lead to theft of screen names. Help, Ted Turner, help!
AOL observers have stated on Observers.net that holes remain open for information theft because the hackers were able to plant backdoors in these systems that would allow them access anytime they wanted it. The job was done very thoroughly and the process by which it was accomplished was sickeningly simple. And it’s not like AOL has not had any warning that the possibility of such an attack existed.
Observers.net maintains that last year a young man named Jay Satiro approached AOL with evidence he collected showing that their security system could be breached. When he revealed the security flaws he found to AOL network engineers, AOL had him arrested. This wasn’t a very neighborly gesture on the part of the big Internet giant, was it?
Someone named YTCRACKER, a member of “Inside AOL”, another Internet group critical of AOL’s services, stated that as far as is known, no AOL member information had been made public, that the invasion had merely been a stunt aimed at gaining control of some of the more popular screen names and not to invade member privacy or steal credit information. So, if your screen name seems to no longer function, contact AOL immediately to see if they can troubleshoot the problem.
So, watch your back and watch your credit card account very carefully AOL fans. Until AOL announces it has finally tamed this beast within their internal systems, your privacy is in danger of being violated, and your billing information could get into the wrong hands at any time.
That's my epinion! Mahalo for stopping by!
Recommended:
No
Amount Paid (US$): 24.95/Mo.
|
|
|
|
Epinions.com ID:
Schinjay
|
|
Member: Steve Schindler
Location: San Antonio, Texas
Reviews written: 37
Trusted by: 58 members
About Me:
Steve Schindler writes his informative and humorous "Schindler's Cyber List" for epinions.com.
|
|
|
- Add to My Yahoo!: 
- Add to Google Homepage: 
© 1999-2008 Shopping.com, Inc.