National alert over massive credit info theft

The Australian Computer Emergency Response Team (AusCert) has issued a national alert to update security systems following the largest theft of credit card numbers in the Internet's history.

AusCert has called on its members to download patches to fix security holes in Microsoft's SQL servers after Russian and Ukrainian crime gangs stole a million credit card numbers from e-commerce sites and online banks around the world.

As reported last week in CW once the credit cards were stolen site operators were blackmailed in a massive international extortion racket which is being investigated by the Federal Bureau of Investigations (FBI).

AusCert said hacker activity targeting e-commerce and e-finance sites has been going on for months despite warnings issued to Australian companies last year.

Products affected are Microsoft's SQL Server 7.0, Data Engine 1.0 and Internet Information Service 5.0.

AusCert said patches were made available late last year but many companies did not undertake installation leaving their e-commerce server vulnerable to attack.

While no Australian sites have been hit to date, AusCert is referring members to a bulletin issued by the US National Infrastructure Protection Centre (NIPC).

Additional information is available at

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about AusCertAustralian Computer Emergency Response TeamComputer Emergency Response TeamFBIMicrosoftNIPCSecurity Systems

Show Comments