Cyber Incident Victim: Bay Area Bioscience Association
Date:
Sep 2014
Location:
United States of America
Summary
The Bay Area Bioscience Association experienced a security breach in its online payment system where an intruder inserted malicious files to capture visitor keystrokes, potentially compromising credit card information used for event registrations or membership transactions. The organization notified affected customers, advising them to monitor financial statements for unauthorized activity and temporarily shifted payment processing to phone-based transactions while enhancing website security measures to prevent future incidents.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
The Bay Area Bioscience Association (BayBio) discovered a security breach affecting its online payment system within the two weeks preceding September 27, 2014. An unauthorized intruder compromised the checkout page of BayBio.org by inserting malicious files designed to capture user keystrokes. This attack potentially exposed credit card numbers entered by customers during transactions for event registrations or membership renewals. The organization identified that individuals who completed payments through the website's checkout portal were at risk of having their financial data intercepted. BayBio President and CEO Gail Maderis formally notified affected customers via a breach disclosure submitted to the California Attorney General’s Office on September 26, 2014. The notification confirmed the breach timeline coincided with recent website activity but did not specify the exact date of intrusion or the number of impacted individuals.
In response to the incident, BayBio immediately advised customers to scrutinize their credit card statements for unauthorized transactions and report suspicious activity to their financial institutions. The organization temporarily disabled credit card processing on its website as a containment measure, directing customers to enroll in events or renew memberships through www.baybio.org without submitting payment details online. Payments were instead processed manually via telephone until the security vulnerabilities could be resolved. BayBio publicly committed to enhancing its payment system security through unspecified tightened measures and promised to notify customers once full functionality was restored. The breach caused operational disruptions to online payment services and necessitated alternative transaction methods. No evidence suggested broader compromise beyond the checkout page's keystroke logging mechanism, though the notification acknowledged uncertainty regarding the extent of data exfiltration. Customer communications emphasized the priority placed on resolving security concerns while maintaining service continuity through interim procedures.