Two breaches seemed small and innocuous at the time, but weren’t. A timely reminder why entities should notify even when they think risk is low.
Thomas Fox-Brewster reports:
In 2009 and 2010 two separate attacks hit widely-used online gambling payments processors Moneybookers and Neteller. Though they initially appeared innocuous, it now seems both attacks saw millions of users’ private data – addresses, emails, telephone numbers, birth dates and, in the case of Neteller, answers to password hints – fall into criminal hands. The details are only now being made public by Optimal Payments, the London-based owner of both Moneybookers (now Skrill) and Neteller, after disclosure from FORBES. The company is now reinvestigating the hacks and the possibility of further breaches.
Read more on Forbes.
Update: “The database that was given to Troy Hunt contained around 3.6 million and 4.5 million user data from Neteller and Moneybookers, respectively.” SOURCE: PaymentWeek.