Who Breached: Network Solutions
Number Affected: 500,000+
Information breached: Credit card information
As the result of a hacker penetrating their e-commerce system, Network Solutions has determined that approximately 573,938 credit card holders may have had their data transfered. The company detected that hackers had placed unauthorized code on servers for some e-commerce merchants' websites, and that this code may have been used to transfer data on some transactions. The credit card data was encrypted and PCI-compliant, and it is currently unknown how the malicious code entered the system.
From their news report:
The unauthorized code may have been used to transfer data on certain transactions for approximately 4,343 of our more than 10,000 merchant websites to servers outside the company. On July 13, 2009, we were informed by our outside forensic experts that the data being transferred may have included credit card information. The code may have captured transaction data from approximately 573,928 cardholders for certain periods this spring.
Merchants and their customers are currently being notified. Network Solutions has additionally put together an informational website for their merchants at careandprotect.com. Consumer information is also included there for reference. They have included a blog in the website to answer questions that have arisen in the last week.
The quick and forthright response by Network Solutions has been quite impressive. They seem very keen to answer questions and be public with their responses. In addition, they have offered to foot the bill for customer notification, rather than those costs falling to the merchants affected.
Other notable data breaches from July:
Via datalossdb, the register,