Cyber Incident Victim: Sourcebooks
Date:
Apr 2014
Location:
United States of America
Summary
A publisher experienced a breach in its website shopping cart software, exposing customer credit card details (card numbers, expiration dates, names, CVV) and personal information (names, email addresses, phone numbers, addresses), with some account passwords also compromised. The incident affected approximately 5,100 customers over a two-month period and stemmed from a security vulnerability in the platform. The company initiated a third-party forensic audit to assess the breach scope and disclosed the incident to authorities. While pre-orders through external retailers remained unaffected, the organization subsequently planned to transition credit card processing to a third-party provider to mitigate future risks.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
Sourcebooks, the publisher of Brian Krebs' book "Spam Nation," experienced a security breach affecting its website shopping cart software between April 16 and June 19, 2014. The company disclosed the incident in November 2014 through a notification filed with the California Attorney General's office. Attackers exploited a vulnerability in the shopping cart system to access customer payment and personal data during the two-month exposure window. Compromised information included credit card numbers, expiration dates, cardholder names, CVV2 codes, billing addresses, email addresses, phone numbers, and shipping information. Some account passwords were also accessed, though the breach did not involve track data, PIN numbers, or printed card verification data. Approximately 5,100 customers who made purchases directly through Sourcebooks' website during the affected period were impacted. Customers who pre-ordered through third-party retailers like Amazon, Barnes & Noble, or Politics & Prose were unaffected by this breach.
The company detected the intrusion after the exposure period concluded and initiated a third-party forensic audit to determine the breach's full scope. Sourcebooks founder Dominique Raccah attributed the incident to attackers exploiting security weaknesses in the shopping cart software. Cybersecurity experts noted the inherent challenges of securing e-commerce platforms, with WhiteHat Security CTO Jeremiah Grossman emphasizing that shopping cart systems require extensive security testing due to their complexity. In response to the breach, Sourcebooks began transitioning credit card processing to a third-party provider to reduce future risks. The disclosure highlighted broader industry concerns about online payment security as financial institutions prepared to transition to chip-based cards, anticipating potential fraud migration toward e-commerce platforms. No specific details about attacker identification or financial impact on affected customers were disclosed in the available notification.