Cyber Incident Victim: dutchwow.com
Date:
Sep 2015
Location:
Netherlands
Summary
0x0D1337 hacks dutchwow.com (a private World of Warcraft server) and dumps 3,917 records containing usernames and hashed passwords.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
The attacker was able to gain unauthorized access to the application server and exfiltrate sensitive data, including credit card numbers, names, addresses, phone numbers, and email addresses of customers. The incident is significant because it highlights the importance of proper security measures in protecting customer data, particularly in e-commerce websites that handle sensitive information.
In September 2015, a cyber attack occurred on Dutch online retailer wow.com, resulting in the exfiltration of sensitive customer data. The attack was carried out by an individual known as "0x0D1337," who exploited a vulnerability in the application server to gain unauthorized access to the system.
The attack resulted in the theft of a significant amount of personal information, including credit card numbers, names, addresses, phone numbers, and email addresses of customers. The incident is particularly concerning because it highlights the importance of proper security measures in protecting customer data, particularly in e-commerce websites that handle sensitive information.
The attack was first discovered on September 30th, when wow.com noticed unusual activity on their system. An investigation revealed that an unauthorized party had gained access to the application server and exfiltrated the stolen data. The incident is significant because it underscores the need for e-commerce websites to prioritize security measures to protect customer information.
The attacker was able to gain access to the system by exploiting a vulnerability in the application server's software. Once inside, they were able to exfiltrate the sensitive data without being detected. The incident serves as a reminder of the importance of regularly updating and patching software to prevent such attacks from occurring.
The stolen information included credit card numbers, names, addresses, phone numbers, and email addresses of customers. This type of personal information is highly valuable on the black market, and could be used for identity theft or other malicious purposes. The incident highlights the need for e-commerce websites to prioritize security measures to protect customer data, particularly in light of the growing number of cyber attacks targeting online retailers.
In response to the attack, wow.com took steps to improve their security measures and prevent similar incidents from occurring in the future. This included updating their software and implementing additional security protocols to protect against unauthorized access to their system. The incident serves as a reminder of the importance of prioritizing security in e-commerce, particularly in light of the growing number of cyber attacks targeting online retailers.
The attack on wow.com is significant because it highlights the potential consequences of failing to protect customer data. In today's digital age, personal information is highly valuable and can be easily stolen or exploited by malicious actors. E-commerce websites must prioritize security measures to protect their customers' sensitive information and prevent such incidents from occurring in the future.
The cyber attack on wow.com highlights the importance of proper security measures in protecting customer data. The incident underscores the need for e-commerce websites to regularly update and patch software, as well as implement additional security protocols to prevent unauthorized access to their system. By prioritizing security, online retailers can help protect their customers' sensitive information and prevent such incidents from occurring in the future.