Hacker put details on web in spite

, posted: 17-Sep-2003 21:58

A 14-year-old hacker put 895 customer records of Hamilton internet provider Net4U on the web in an act of spite. The information included the names, addresses and telephone numbers, as well as email addresses, passwords and customers' credit card numbers with expiry dates.

Net4U customer Dan Clark of Scarfies.net in Dunedin said he was outraged his details had been put on the web. He had been happy with Net4U's overall service, but "in terms of security, they've obviously got a lot to learn still" and planned to move off the internet provider soon.

Another Net4U customer, Adam Dinneen of Christchurch, contacted the Herald and said he was made aware of the website with the customer records on the file swapping DC++ service and found his personal details and credit card number on it. He had cancelled his credit card and would lay a complaint with the police.

The site showing the credit card details is hosted by another internet provider, Orcon of Albany. Orcon's managing director, Seeby Woodhouse, whose details were also found in the database, told the Herald he did not know who had put up the site, as the internet provider offered free websites for customers.

"It's probably someone who doesn't like us or Net4U very much," Mr Woodhouse said, after being read out a profane message left for Orcon's system administrator, Craig Whitmore, on the hacker's site.

An email address left on the website leads to a domain registered by a Conrad Gair of Newmarket. However, the
contact email address in the registration details belongs to a 14-year-old who was a former employee of Net4U.

The hacker admitted publishing the site at Orcon and also on a United States web hosting service. He told the Herald he now regretted putting up the sites. He said his motive was to get back at Sahil Gupta, the owner of Net4U.

Mr Gupta did not respond to telephone and email messages before publication.

The office of the Privacy Commissioner advises Net4U customers concerned that their privacy may have been breached to contact it.

Other related posts:
Video: Kim Dotcom and Mathias Ortman at the IITP Mega breakfast
Two-factor authentication broken
The problem with naming and shaming

comments powered by Disqus


Google News search
IT News
PC World New Zealand
Computerworld NZ
PC World and Computerworld Australia
PC World US
Computerworld US
NZ Herald
Virus Bulletin

Content copyright © Juha Saarinen. If you wish to use the content of my blog on your site, please contact me for details. I'm usually happy to share my material as long as it's not for spamblogs and content farms. Please attribute with a link back to this blog. If you wish to advertise on my blog, please drop me an email to discuss the details.
Comments policy All comments posted on this blog are the copyright and responsibility of the submitters in question. Comments commercial and promotional in nature are not allowed. Please ensure that your comments are on topic and refrain from making personal remarks.