Bibliofind
Lost Starting October
Posted
3rd May 2002001
2000 Bibliofind, one of largest online seller of books, was
the subject of a crack-attack. The result has been the end of
online sales and probable selling off to a `competitor', Amazon,
of Bibliofind and a blow to the perception of online commerce.
Conspiracy theories abound, however one thing is true, Bibiofind
sent out the following email to all 70,000 Bibliofind dealers
and another email quoted below was sent to all customers who
bought books via Bibliofind between October 2000 & February
2001 - that is probably millions of people. Very probably very
few of Bibiofind's ex-clients will feel like buying books over
the Net again in a hurry (if ever). Is there some gold in this
mess? I think so. If online commercial operators were to treat
credit card data as a one-off sale and purchase and never save
credit card information in any form after completion of each
transaction, it might cost a bit more, but it might also save
the a business from such fatal attacks as witnessed here. More,
the security of commerce online would be greatly enhanced. Dear
Bibliofind Dealer: Bibliofind has just learned of a security
violation that compromised the security of buyers' credit card
information stored on Bibliofind servers, and which has existed
on our site since last October.
Today, we sent all affected Bibliofind customers an email notifying
them of this situation. We have no information at this time
that leads us to believe that our customers' credit information
has been misused, but we have alerted them as a precautionary
measure. In addition, we have no evidence suggesting that Bibliofind
dealer credit card information has been jeopardized in any way,
as this information is maintained in a separate database. We
have been in contact with the federal law enforcement authorities
and the appropriate credit card companies on this matter. In
turn, the credit card companies are notifying the card issuers
and banks so that they can take whatever steps may be necessary
to protect the interests of affected cardholders. In order to
ensure this doesn't happen again, we have removed all buyer
credit card information, physical addresses, and phone numbers
from Bibliofind's servers. We expect to bring the Bibliofind
system back into operation shortly. Bibliofind will continue
to serve as a "matching" site between buyers and independent
booksellers.
Customers
will now email you directly when they would like to purchase
an item that you have listed on Bibliofind. At that point, you
can then communicate directly with the buyer to complete the
transaction. Additionally, Bibliofind will now be a free service
for dealers. We apologize for any inconvenience this may cause
you and appreciate the business you do through Bibliofind. If
you have any questions, please email us at dealers@bibliofind.com.
Sincerely, Bibliofind Dear Bibliofind Customer: As you may know,
Bibliofind has learned of a security violation on its site that
compromised the security of some customers' credit card information.
Although we have no information at this time to suggest that
any credit card you used to make a purchase from a Bibliofind
dealer has been misused in any way, we wanted to notify all
our customers as a precautionary measure. If you have specific
questions about your credit card account, please contact the
issuer of your credit card. To ensure this doesn't happen again,
we have removed all customer credit card information, physical
addresses, and phone numbers from Bibliofind's servers. We apologize
for any inconvenience this may cause you. You can contact us
with questions at info@bibliofind.com. Sincerely, Bibliofind