WHID 2007-84: Soccer league's online shoppers get kicked by security breach

It is already February, and we still add 2007 incidents. If
you wonder why, it is because organizations such as MLS only now find
out that they were hacked last year! Sometime between January and
August of 2007, names, addresses, credit and debit card data, and
passwords of an unknown number of people, including 169 New Hampshire
residents were stolen from the site.

Why New Hampshire? Because the company has to report to the
authorities there about the incidents, but only specify the number of
individuals from this state affected. Why only New Hampshire? Since
regulations and bills requiring disclosures exist in many states, one
would expect that the company would have to provide such a testimonial
in many states. This incident is another good example of the size of
the hidden part of the iceberg.

Additional information:

Soccer league's online shoppers get kicked by security breach [Computer World, Feb 8 2008]
MLSgear.com Notification to NH DOJ [New Hampshire DOJ, Feb 1 2008]

Attack Method:

SQL Injection

Incident Outcome:

Leakage of Information

Add new comment

WHID 2007-84: Soccer league's online shoppers get kicked by security breach

Science or Religion?

Further Research

Presentations

You are here

WHID 2007-84: Soccer league's online shoppers get kicked by security breach

Science or Religion?

Further Research

Presentations