.jp: Hackers steal customer data by accessing supermarket database

[security curmudgeon <jericho () attrition org>]

---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.japantoday.com/category/crime/view/hackers-steal-customer-data-by-accessing-supermarket-database

Kyodo News
August 15, 2010

OSAKA -- Hackers stole customer data from eight online supermarkets in 
Japan, including Uny Co. and Neo Beat Co, in July using a hacking 
technique called SQL injection to access their databases, sources familiar 
with the matter said Saturday.

A source close to Neo Beat, which also operates the websites of these 
online supermarkets, said it believes that the approximately 30,000 
unauthorized accesses to its database server were likely ??perpetrated by 
a group of professional hackers.??

The accesses, which were conducted from Japan and China on July 24-26, 
resulted in the theft of data on a total of 12,191 customers of the 
Osaka-based company as well as its seven business partners including 
supermarket chains Izumiya Co, Maruetsu Inc and Ryukyu Jusco Co.

Neo Beat has since filed a damage report with the Osaka prefectural 
police, and the companies have closed their online markets since late last 
month. Police investigators are now looking into the case and gathering 
relevant information.

[...]

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php