Forgot your password?
typodupeerror

Massive Porn Buyer Info Leak 251

Posted by Zonk
from the get-off-the-internet-this-is-a-sign dept.
Anonymous Guy wrote to mention a Wired article that covers the release of information for millions of customers onto the Internet. From the article: "The stolen data, examined by Wired News, includes names, phone numbers, addresses, e-mail addresses and internet IP addresses. Other fields in the compromised databases appear to be logins and passwords, credit-card types and purchase amounts, but credit-card numbers are not included. The breach has broad privacy implications for the victims. Until it was brought low by legal and financial difficulties, iBill was a top credit-card processor for adult entertainment websites."
This discussion has been archived. No new comments can be posted.

Massive Porn Buyer Info Leak

Comments Filter:
  • Weakest Link (Score:4, Interesting)

    by nmccart (952969) on Thursday March 09, 2006 @03:57PM (#14885028) Homepage
    It's not surprising someone other than MasterCard actually had a list of card numbers stolen. I have customers all the time tell me how they don't like what they feel are draconian measures to protect the credit card numbers people have in their own systems. What they fail to understand is that Visa and Mastercard require us to do this, and the protections we have are customer service.

    But they still complain, because their customers and they themselves don't ever notice. Hell at one point I was told by a demanding customer to remove the protections because he said "I'll risk it." I was tempted to show him how insecure he was by remotely accessing his system, getting his list of customer phone numbers, and telling all his customers that he was careless with credit card numbers and their numbers could have easily been stolen from his system.

    People are pretty careless about credit card security. It's usually in the name of convenience and visible customer service. Credit card security is invisible service. Being able to purchase something conveniently flies right in the face of having security which just might prevent you from selling something to someone, so some people don't care, as long as they are selling. Owners care once they find out that they'll be issued chargebacks, but individual salesreps will write down every credit card number on a piece of paper if it means making money for them personally.

    Visa and Mastercard have the right idea, and in the press release I like how they said that they gave cardsystems a "limited amount of time" to basically get their act together so this doesn't happen again. Education and enforcement of regulations... nice to see an organization, especially one that is a corporation, actually give a damn.
  • Quite Humorous (Score:5, Interesting)

    by eldavojohn (898314) * <eldavojohn.gmail@com> on Thursday March 09, 2006 @03:57PM (#14885029) Journal
    From the frontpage of iBill [ibill.com], they have their most recent news as:
    Internet Billing Company, LLC (iBill) announced that the relocation of their corporate headquarters to more cost-efficient facilities has been completed.
    Even after looking around, I can't determine where this move was to. Their contact info on the site lists Deerfield Beach, Florida as their location. Is it possible they moved all their transaction servers to a different country to avoid possible legal implications?

    If you care to read more about iBill, you can check out their blog on G Spot [xbiz.com]. I didn't link the blog because it's not about the company; it's about trading buyers across all of its customer sites.

    I wonder if this is a case of the company selling anything they could to escape dire financial straights or if it is the case of a disgruntled underpaid employee indulging.

    Am I surprised such a shady company had its user's credit card info traded on the black market? Gosh, not really.
  • by XorNand (517466) * on Thursday March 09, 2006 @03:58PM (#14885036)
    "Massive Porn Buyer Info Leak?" What the hell does that even mean? Hats off to Zonk for managing to use "porn", "leak", and "massive" all in the same headline and posting it to one of the most widely read sites on the net. That sound you hear is thousands of RSS feed subscribers all scratching their heads.
  • If... (Score:3, Interesting)

    by Anonymous Coward on Thursday March 09, 2006 @04:05PM (#14885101)
    If we used a decentralized, anonymous digital cash system, these kinds of problems would be much less common. Furthermore, the responsibility would lie in your own hands rather than in the hands of thousands of unidentifiable people at some corporation.

    I suppose it's wishful thinking, though, because everybody wants to be the central financial gateway (Visa, Mastercard, Paypal, etc.) and governments prefer being able to track all transactions (toll booth transponders, bankers reporting all transactions over $10,000, etc.).
  • Still Online? (Score:5, Interesting)

    by NoData (9132) <_NoData_NO@SPAMyahoo.com> on Thursday March 09, 2006 @04:09PM (#14885137)
    FTFA:
    Last month, Sunbelt Software found an additional list of slightly over 1 million individual entries labeled Ibill_1m.txt on a spamming website. That list appeared to date from 2003.

    Hmm.

    http://www.google.com/search?q=Ibill_1m.txt [google.com]
    [TXT] Ibill_1m.txt 08-Jun-2003 03:49 214M
    Thaaaat doesn't look good.

  • by eldavojohn (898314) * <eldavojohn.gmail@com> on Thursday March 09, 2006 @04:15PM (#14885182) Journal
    After all, the article said that no pieces of information were stolen that required them (by law) to inform their customers. Pretty convenient, eh?

    I also noticed that they're from Deerfield Beach, Florida. Now, something odd about Deerfield Beach is its location [google.com]. It's on the coast of Florida there. That unmarked island on the east side of the map? That would be Grand Bahama. Care to take a guess at what country it lies in?

    So my guess is that the company did this legally and by choice. They probably found some bum on the street who didn't ask questions and would like to recieve a paycheck. He's probably also the president of the company with very limited responsibilities and capabilities. They're also probably prepared to give him a briefcase full of $100,000 and a boat to take to Freeport. And also some cute documents for him to sign that might as well say that he shot JFK.

    Meanwhile, all the workers and people profiting off the deal claim they had no knowledge.
  • Re:Weakest Link (Score:4, Interesting)

    by plover (150551) * on Thursday March 09, 2006 @04:17PM (#14885196) Homepage Journal
    There was something else of interest in TFA. Wired posted the address of a "spammer community site," specialham.com [specialham.com].

    That plus a few curious slashdotters will probably slow their spam chatter for a few days.

  • Whois data (Score:5, Interesting)

    by NoData (9132) <_NoData_NO@SPAMyahoo.com> on Thursday March 09, 2006 @04:23PM (#14885249)
    Anyone know if this guy is a known spammer? He's now upgraded to trafficking in stolen property.

    http://www.whois.net/whois.cgi2?d=5sec.us [whois.net]

    (sorry, lameness filter is being lame, here's just the basics badly formatted)

    Registrant Name Sean Rogers
    Registrant Organization Sean Rogers
    Registrant Address1 1275 Falkland Rd
    Registrant City Jacksonville
    Registrant State/Province FL
    Registrant Postal Code 32221
    Registrant Country United States
    Registrant Country Code US
    Registrant Phone Number +95.486824101
    Registrant Email gsmmax@mail.ru
  • Re:MOD PARENT UP (Score:1, Interesting)

    by Anonymous Coward on Thursday March 09, 2006 @04:25PM (#14885269)
    Anyone have a .torrent file?
  • What we need (Score:4, Interesting)

    by lildogie (54998) on Thursday March 09, 2006 @04:25PM (#14885270)
    What we need is for the name of some elected official(s) to be found in the data.

    Then we'll see swift lawmaking action to clamp down on leaks of personal information by merchants and money-handlers.
  • by paco3791 (786431) on Thursday March 09, 2006 @04:36PM (#14885369) Journal
    I had an ex-girlfriend once, who I still kept in contact with for some reason, who broke up with her then fiance because he charged $500 of Pr0n onto her debit card. Not credit card, debit card! Besides the obvious "What a Tool!" At the time I remeber thinking "Wow, that is a lot of real money to spend on something I can find just laying around on the web". This was in the early days of P2P and bittorrent wasn't even on the scene yet and still you could bairly do a search on the web without some offer for free porn poping up.

    Still amazes me, to this day, how people can be so stupid/lazy that they spend enough money to keep an entire industry racking up the profits when free, legal alternatives abound.
  • by AHumbleOpinion (546848) on Thursday March 09, 2006 @04:40PM (#14885389) Homepage
    If we used a decentralized, anonymous digital cash system, these kinds of problems would be much less common ... I suppose it's wishful thinking ... governments prefer being able to track all transactions.

    Exactly. You are more likely to see secure computers and honest people than anonymous digital transactions. Governments won't allow it. And no you do not have a US Constitutional right, quite the contrary, the US government has the Constitutional power to create currency, collect taxes, define felonies (say money laundering) and pass enacting legislation, etc.
  • Re:Weakest Link (Score:3, Interesting)

    by ObsessiveMathsFreak (773371) <obsessivemathsfreakNO@SPAMeircom.net> on Thursday March 09, 2006 @05:26PM (#14885847) Homepage Journal
    Um, anytime I buy something "questionable" or from a questionable source, I use a one time credit card number. I know MBNA has this. You set a dollar amount for the number, as well an expiry date.

    Some credit companies have even released the equivilent of a mobile phone top up card for credit cards. You purchace credit, which has a built in expiry date, and simply purchace online before it runs out. The card is reusable.

    They are designed primarily for online purchaces, but personally I feel this method will eclipse regular credit cards amoung the general population. It has certainly made me consider it, and am paticularly credit card averse.
  • by tvalley000 (410933) on Thursday March 09, 2006 @06:50PM (#14886662) Homepage
    iBill.com was also used by the Make Money Fast Hall of Humiliation (mmfhoh.org) back in 1997. Don't know if any of the members are in the lists, or if even the exposed names go back to 1997, but this would be baaaaaad for those members that received death-threats back in the day for their activities.

If what they've been doing hasn't solved the problem, tell them to do something else. -- Gerald Weinberg, "The Secrets of Consulting"

Working...