Home : Topics : Security : Scare stories
Software security
Information security
Handling secure information
Scare stories
< Previous: Encryption

Scare stories

There are many scare stories relating to security breaches on the Web. Here are a few embarrassing examples.

Credit card breaches

This story summarises a few credit card breaches that involved blackmail attempts.

"Another case that drew much attention involved the theft of some 300,000 card numbers from CDUniverse.com in December 1999. In that episode, a teenage Russian hacker released thousands of the numbers online when the music e-tailer refused to meet his $100,000 extortion demand."

This story describes how 2,700 customer credit card numbers were exposed by the Consumers' Association, a UK organisation which promotes its own Web security mark.

This email was sent to customers of Playboy.com, a major online site. It makes entertaining reading.

Web site defacement

This defacement archive lists defaced Web sites (you can also view the defacements). Although Web site defacement is not normally serious, you probably would not want your company's Web site to be replaced by one of these defaced pages. Look at the sheer number of sites that are defaced each day.


Viruses spread mostly due to poor security practices (such as people opening email attachments). However, if you are running out-of-date email software you could be infected by an incoming virus even without opening an attachment.

The anti-virus software provider MessageLabs tracks current viruses, and you can see a 'top 10' of current viruses. They also provide descriptions. At the time of writing, the current number one virus is W32/BadTrans.B-mm, which installs itself without any user intervention (if you have an unpatched email client), sends itself to everyone you know, and also installs a trojan that monitors passwords you type and emails them to the virus creator.