Election Section

Online retailer Egghead.com hacked

The Associated Press
Saturday December 23, 2000
Bookmark and Share

SAN FRANCISCO — A hacker broke into the computer systems of Egghead.com, forcing the online retailer to alert credit card companies and 3.5 million customers to the security breach and the possibility that their financial information was accessed. 

Egghead had been in the process of upgrading its computer systems over the past few months, but the improvements were no match for the unknown online invader who hacked the system earlier this week. 

“Egghead.com has discovered that a hacker has accessed our computer systems, potentially including our customer databases,” the company said in a statement released Friday. 

The break-in was under investigation and a spokeswoman for Egghead said the Menlo Park-based technology products retailer had notified credit card companies and the local FBI office. 

The hacker did not deface the Web site or shut the service down, but did manage to infiltrate sensitive computer areas. The company said the FBI is investigating how long the hacker was in the system and what he or she did while there. 

“The San Francisco division of the FBI’s computer intrusion squad is working with Egghead to make an assessment of the security of the hack,” said Andrew Black of the FBI. Federal investigators would continue examining the hack over the weekend, Black said. 

In response to the hacker activity, Egghead has also hired computer security specialists. 

”(Egghead) hired Kroll Worldwide, which is one of the leading security firms in the world, to evaluate the system and make sure something like this doesn’t happen again,” said Egghead spokeswoman Shoreen Maghame. 

Egghead CEO Jeff Sheahan was to e-mail each of the Web site’s registered users Friday and explain the company’s actions in response to the hack. 

The hacker attack was reportedly a first for Egghead. There is the possibility that the Egghead customer information was not accessed, Maghame said. 

Credit card theft from online repositories has plagued several Web sites this year. 

Last week, the FBI in Los Angeles confirmed they were looking for a hacker who put thousands of stolen credit-card numbers from creditcards.com on the Web after a $100,000 extortion demand was ignored. 

Western Union took its Web site off-line for five days in September after hackers stole 15,000 credit or debit card numbers.  

In February, a hacker infiltrated the computers of RealNames, an Internet search service with as many as 20,000 card numbers on file.  

On the Net:www.egghead.com