Petco settles with FTC over cyber security gaffe
Pet supply retailer Petco Animal Supplies Inc. will be on a short cybersecurity leash for the next 20 years to settle a Federal Trade Commission action over a security hole on it's e-commerce site that may have left as many as 500,000 customer credit card numbers exposed to hackers.
The settlement stems from an incident first reported by SecurityFocus in June of last year, when then 20-year-old independent programmer Jeremiah Jacks discovered that Petco.com suffered from an SQL injection vulnerability that left its database open to anyone able to construct a specially-crafted URL.
By Kevin Poulsen at SecurityFocus.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.