Batteries.com hacked

May 29, 2009
Personal information of customers was exposed and potentially used in identity crimes after a malicious hacker gained access to the server of online battery retailer, Batteries.com for several weeks.

How many victims? Unspecified.

What type of personal information? Names, addresses and credit card information.

What happened? The hacker gained access to the server on February 25; access was diminished “significantly” around March 17 and terminated on April 9.

Batteries.com learned of the breach on March 13 because a customer reported to the company potentially unauthorized activity regarding a credit card account. A “small” number of additional Batteries.com customers have contacted the company to report similar potential credit card fraud.

Details: Batteries.com had firewalls and antivirus protections in place at the time of the incident.

What was the response? The company launched an investigation with internal and external forensic experts to determine what happened. In addition, the company put measures in place to prevent similar incidents from occurring in the future, including limiting the amount of information stored and decreasing the time period it’s stored for.

Batteries.com is working with the U.S. Secret Service and law enforcement to identify those responsible. The major credit card companies (i.e., American Express, Discover, Mastercard and Visa) have been notified.

Affected individuals have been offered 2 years free credit monitoring.

Source: Batteries.com, “A message from batteries.com."
prestitial ad