Geeks.com not so 'Hacker Safe'

Geeks.com not so 'Hacker Safe'

Summary: Geeks.com, a computer gear e-tailer that sports ScanAlert's "Hacker Safe" logo, has been hacked.

SHARE:
TOPICS: Security, Banking
6

Geeks.com, a computer gear e-tailer that sports ScanAlert's "Hacker Safe" logo, has been hacked.

The Consumerist posted a letter from Geeks.com parent Genica to customers. The letter reads:

The purpose of this letter is to notify you that Genica dba Geeks.com ("Genica") recently discovered on December 5, 2007 that customer information, including Visa credit card information, may have been compromised. In particular, it is possible that an unauthorized person may be in possession of your name, address, telephone number, email address, credit card number, expiration date, and card verification number. We are still investigating the details of this incident, but it appears that an unauthorized individual may have accessed this information by hacking our eCommerce website.

If you've been a Geeks.com customer in the last year you may want to monitor your credit report.

The Hacker Safe logo comes from ScanAlert, a McAfee unit. McAfee bought the ScanAlert in October to add another revenue stream to its business. Analysts reckon that McAfee can weather an economic downturn better with ScanAlert in the fold. Under the ScanAlert business model, site operators pay for a site audit and due diligence so they can post the Hacker Safe badge.

Topics: Security, Banking

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

6 comments
Log in or register to join the discussion
  • Why?

    Why were they storing credit card information?
    RestonTechAlec
    • Because . . .

      . . . there is an option when you order to "Save Credit Card Info for Future Orders". (Text cut-npasted from actual payment page on their site, so I've confirmed it's there.) So, customers can have their credit card data saved so they don't have to enter it again next time they shop there. Basically, sacrificing security for convenience.

      Not saying that's a bright move on the part of any customer who selects that option, or on Geeks.com's for even having that option there. Just saying, that's why they had credit card data stored.
      Whyaylooh
  • RE: Geeks.com not so 'Hacker Safe'

    I think they hold the credit card information until it clears the credit card company and until accounting is done with their books which usually in 30 days. The problem is that there is no standard how long you can keep this information so we are vulnerable until the information clears. However the more important thing in this that how this information got out and what measures are stop this. It appears that no one was checking the all of the security, IDS, and all other vulnerabilities on their systems and "Hacker Safe" appears to be another badge without any meaning.
    phatkat
  • RE: Geeks.com not so 'Hacker Safe'

    ScanAlert's Reply:
    The allegation that Geeks.com was hacked while it was certified HACKER SAFE is false and misleading, and does not match the facts provided by Geeks.com to its customers. So far, no one knows exactly what happened, or whether this breach occurred on the web site or somewhere else. There is no evidence that this web site was hacked while it was certified HACKER SAFE. In fact, all of the information that ScanAlert has gathered so far indicates that this breach did not happen while Geeks.com was certified HACKER SAFE.
    ken@...
    • ScanAlert's Reply

      ScanAlert's Reply:
      The allegation that Geeks.com was hacked while it was certified HACKER SAFE is false and misleading, and does not match the facts provided by Geeks.com to its customers. So far, no one knows exactly what happened, or whether this breach occurred on the web site or somewhere else. There is no evidence that this web site was hacked while it was certified HACKER SAFE. In fact, all of the information that ScanAlert has gathered so far indicates that this breach did not happen while Geeks.com was certified HACKER SAFE.
      ken@...
  • RE: Geeks.com not so 'Hacker Safe'

    This just proves that nothing is totally hacker proof.
    Many are criminals, but many are also high school and college kids, probably computer majors, and knowledgable of many or the methods used. The youth factor has a lot more energy to devote to hacking, and may take it as a personal challenge. Geeks.com, just by it's name will attract a younger crowd making it a target. The fact that credit card info was stored on that server and not on a separate, super secure, single function customer server.
    bbaka@...