FTC investigates PetCo.com security hole

FTC investigates PetCo.com security hole
Kevin Poulsen, SecurityFocus 2003-12-05

Pet supply retailer PetCo disclosed this week that its security and privacy practices are the target of an investigation by the U.S. Federal Trade Commission (FTC), which is following up on an e-commerce security gaffe that left as many as 500,000 credit card numbers accessible from the Web earlier this year.

Expand all | Post comment

FTC investigates PetCo.com security hole 2003-12-12
Anonymous (1 replies)

FTC investigates PetCo.com security hole 2003-12-13
Anonymous

FTC investigates PetCo.com security hole 2003-12-13
v_beam

FTC investigates PetCo.com security hole 2003-12-15
Nick (1 replies)

FTC investigates PetCo.com security hole 2003-12-15
Willy Electrix

To most companies, having some outsider find a vulnerability like this is a major embarrassment. I'm sure a good number of these companies would rather sue a white hat hacker than thank him for his efforts at making a making a more secure system. In this day and age, there's really no excuse for input validation vulnerabilities. Hiring some bright high school/college students to perform an ethical hack or functional security test would go a long way in not bringing on an FTC investigation and public embarrassment.

-Will

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/7581/24147#24147