This incident has 0 proposed changes.
Know of details that have changed? Submit them
Showing Incident 441 
SUMMARY
| Credit card numbers of 9,240 on hacked server | |
| Records | 9,240 |
|---|---|
| Record Types | CCN |
| Breach Type | Hack |
| Data Family | Electronic |
| Source | Outside |
| Organization | Life Is Good |
| Other Affected/Involved Organizations | None |
| Lawsuit? | NO/UNKNOWN |
| Data Recovered? | NO/UNKNOWN |
| Arrest? | NO/UNKNOWN |
| Submitted By: | Anonymous |
TIMELINE
| Date | Event |
|---|---|
| None. Add Data | Incident Occurred |
| 2006-08-17 | Incident Discovered By Organization |
| 2006-09-19 | Organization Reports Incident |
| 2006-08-30 | Organization Mails Notifications |
| None. Add Data | Records Recovered |
| None. Add Data | Lawsuit Filed |
| None. Add Data | Arrest Made |
SIMILAR INCIDENTS
| records | date | organizations |
|---|---|---|
| 15,700 | 2000-11-14 | Western Union |
| 15,000 | 2005-04-12 | Eastern National, National Park Service |
| 14,277 | 2006-04-28 | U.S. Department of Defense, Tricare Management Activity |
| 9,300 | 2006-05-19 | Unknown Organization, Frost Bank |
MAP OF INCIDENT LOCATION
Address: USA
Have a better address for this incident? Suggest it!
suggest a new reference
REFERENCES
suggest a new attachment
ATTACHMENTS
COSTS SUMMARY
Known Actual Costs
|
Estimated Costs
|
|||
|
||||
PRIMARY SOURCES
Primary Source ID: 717
| add details to this primary source Description | |||
|---|---|---|---|
|
Business breached is Life is good, Inc. (Lig), 15 Hudson Park Drive, Hudson, NH, 03051. Form states affected is 328 in NC out of estimated 9,240 total. Form submitted on September 13, 2006, but states they had initial correspondence on August 23, 2006. Breach discovered August 17, 2006, when several customers called saying they had been notified of unusual/suspicious charges on their credit cards after having generated transactions with Lig. Company determined access achieved via either SQL injection or deciphering a password. Correction was made by: restricting IP access, changing passwords, deleting existing data, and creating SQL trigger warning. Of note: There is a 10-instance discrepancy reflected between this report and the initial "First Incidence ID" (9,240 v 9,250).
|
|||
| Filename | Source | Researcher | Incident IDs |
| NC_life_is_good.pdf | North Carolina Department of Justice, Consumer Protection Division | cwalsh | <a href='/incidents/show/441'>441</a> |
| Records | File Date | Uploaded | Updated |
| 328 | 2006-09-13 | 2008-12-11 | 23 Sep 19:15 |
| Excerpt | |||
North Carolina Security Breach Reporting Form Pursuant to the Identity Theft Protection Act of 2005 Name of Business Qwning or Licensing lnformation Affected by the PLEASE SUBMIT FORM T0: Breach; tsj... |
|||
COMMENTS
Breach Types:
- Disposal Computer | Disposal Document | Disposal Tape | Disposal Drive
- Disposal Mobile | Email | Fax | Fraud Se
- Hack | Lost Computer | Lost Document | Lost Drive
- Lost Laptop | Lost Media | Lost Mobile | Lost Tape
- Missing Document | Missing Laptop | Missing Media | Snail Mail
- Stolen Computer | Stolen Document | Stolen Drive | Stolen Laptop
- Stolen Media | Stolen Mobile | Stolen Tape | Unknown
- Virus | Web |
Sponsored By:
Use of the DataLossDB, and its exports, RSS feeds, reports, or other materials produced on this site by the Open Security Foundation requires authorization and potential licensing arrangements. For more information, please e-mail officers@opensecurityfoundation.org with a brief summary of how you would like to use this information; product, service, research, etc.
© 2005 - 2012, Open Security Foundation, All Rights Reserved.