No clues on AOL security breach

The world's largest ISP is still investigating a Friday break-in by vandals who wormed their way into customers' accounts
Written by Charles Cooper, Contributor

America Online was still investigating an attack by vandals who fooled several company employees to gain access to an undisclosed number of member accounts.

So far, however, no clues -- or at least none that the company is ready to talk about just yet.

"We're in the process of investigating, so I can't provide you with information about when this may have occurred," said AOL spokeswoman, Trisha Primrose. Essentially a cyber con job, the attack -- which came to light on Friday -- highlights once again the vulnerability of even the world's largest Internet services provider to the threat of hacker attacks.

The attack appeared to use a Trojan Horse -- a program that seems useful, but in actuality has a secret mission. The attack resembles in some ways the ILOVEYOU virus that temporarily paralyzed tens of millions of computers last month, penetrating networks in government and companies worldwide.

The company said that a small number of member accounts may have been illegally viewed, but the AOL spokeswoman rejected suggestions that this was part of a widespread and concerted attack.

"I'd point out that I think the word attack is the wrong word," Primrose said. "It appears as though a small number of employee accounts were compromised through the downloading of a virus, and that by illegally using these accounts, hackers claim to have viewed a very limited number of member customer service records."

Here's how it worked: the perpetrators of the attack targeted AOL customer service representatives with e-mails containing a 'Trojan horse' attachment, that, when opened, created a connection to the sender's computer and allowed access to some AOL accounts.

The company has so far declined to say how many accounts were compromised or when the attacks occurred.

AOL says the hackers involved did not appear to have gained access to AOL's 23 million member database of subscribers, or data on users of other services that include CompuServe, Netscape Netcentre, ICQ and other popular sites.

The latest break-in appears to have affected at most several hundred AOL member accounts, according to a hacker familiar with the events.

The attacks came to light after 'Inside AOL' and 'Observers.net', two Web sites critical of America Online's service, published details of the attack, said 'ytcracker', a member of the Inside AOL group.

Ytcracker said no AOL member information had been made public. The attacks appeared to be a stunt to gain control of desirable screen names on the AOL service, not invade member privacy or steal credit card information for example, he said.

AOL appeared to be alone among major US Internet sites in averting a shutdown of its services during a wave of attacks on major e-commerce Web sites in February. AOL has previously said it had seen minimal impact from the ILOVEYOU virus in May.

Reuters contributed to this story

What do you think? Tell the Mailroom. And read what others have said.

Editorial standards