FTC investigates PetCo.com security hole

FTC investigates PetCo.com security hole
Kevin Poulsen, SecurityFocus 2003-12-05

Pet supply retailer PetCo disclosed this week that its security and privacy practices are the target of an investigation by the U.S. Federal Trade Commission (FTC), which is following up on an e-commerce security gaffe that left as many as 500,000 credit card numbers accessible from the Web earlier this year.

Colapse all | Post comment

FTC investigates PetCo.com security hole 2003-12-12
Anonymous (1 replies)

How does one try to find exploits like this ( IN order to tell the admin of the problem )in a web site or network without getting in trouble with the law?...

[ more ] [ reply ]

FTC investigates PetCo.com security hole 2003-12-13
Anonymous

Easy. Generally, you put a single quote (') into a form or URL. If the government can prosecute for making an HTTP request......

[ more ] [ reply ]

FTC investigates PetCo.com security hole 2003-12-13
v_beam

Why does Petco sound so ungreatful for this discovery? And it sounds as though they never made a formal statement to the individuals who's cc's were exposed. Computers at companies like these should be un-plugged by the FTC! Forever!!...

[ more ] [ reply ]

FTC investigates PetCo.com security hole 2003-12-15
Nick (1 replies)

First, I believe that Jacks should be commended for his action. This is the kind of security professionals that we need more of in the world. If he really wanted to, he could have really caused some damage to a lot of people's credit.

Second, I believe that PetCo should be restricted to doing bus...

[ more ] [ reply ]

FTC investigates PetCo.com security hole 2003-12-15
Willy Electrix

To most companies, having some outsider find a vulnerability like this is a major embarrassment. I'm sure a good number of these companies would rather sue a white hat hacker than thank him for his efforts at making a making a more secure system. In this day and age, there's really no excuse for in...

[ more ] [ reply ]