Waqas writes:
A Saudi hacker going with the handle of @security_511 / on Twitter has claimed to hack a private online Israeli gift store and leak credit card details of customers on the web.
After scanning the data, we have found out full usernames of credit/debit card owners with their phone numbers, addresses, date of birth, card type, card numbers, expiration date and most importantly CCV numbers of cc/db cards are also available.
Saudi hacker announced the breach on his Twitter account and claimed that this is only ‘The first batch’, and there is more to come.
Read more on HackRead.
There does not appear to be any alert on the web site at this time, but I took a look at their Security page, where it states:
Your privacy is important to us.
This privacy policy applies to giftstore.co.il only. We at giftstore.co.il are a company built on integrity and take great pride in the level of security applied to any information collected on our site. Maintaining your privacy and safeguarding your confidentiality is of the utmost importance to us. As you browse through our site, information is collected about you and your visit to our site.When we request personal information from you (such as name, address, phone number and credit card number), it is done on our secure servers. Gift store is a secure website that allows you to purchase gifts online.
How do we protect the security of your personal information? The security of your personal information is very important to us. In our efforts to protect your online transactions, we use a technology called Secure Sockets Layer (SSL). If your browser is capable of SSL (and most are), your personal information will be automatically encrypted or encoded, before it is sent over the Internet.
In the website there is the most advanced security system in the world of THAWTE (SSL) technology.
Gift store does not sell, rent, exchange or otherwise disclose personal information collected on this site. Personal information collected by giftstore.co.il is used to service your account and process your requests.
Our security measures are designed to prevent anyone from stealing and using your credit card number. In addition, consumer protection laws protects you against the unauthorized use of your credit card. Under the Fair Credit Billing Act, if your credit card is used without your authorization, your liability for those fraudulent charges cannot exceed $50. So, if someone steals your credit card or your credit card number, your liability is limited to $50 no matter how much the thief charges to your account. If your credit card provider does hold you liable for any part of this $50, we will cover the entire liability for you, up to the full $50.
In the unlikely event of a fraudulent use of your credit card at giftstore.co.il, you must notify your credit card company in accordance with its rules and procedures. Giftstore.co.il only covers this liability if the unauthorized use of your card resulted through no fault of your own, from purchases made at giftstore.co.il while using our secure servers.
Assuming they really were hacked and the data dump is for real, a more modest statement might have been in order.