To:
Options Automatically parse URLs: automat JOLSEN5723@AOL.COMHLINK.NETMMEDIAONE.NET.NETCOM¨ÿ9$ÿ>:äa?ÿ¾ûLÿ9Xÿ9$ÿÍ
ëÿ9Ø
ø daÿ>7hÿ>7Èÿ?ÿ9¨ÿ9$ÿ>:ääÿ9$ÿ(lPÿ>=üÿ>:äøÿ(kÿŒÜÿ¾ûLÿ;Zøÿ¾û8ÿ9¨ÿ9$ÿ
9,ÿ94ÿ¾ûLÿÍëÿ9$ÿ(‘iÿ>=üÿ>:ä
From: Hugh Hefner <hef@playboy.com>
Subject: ingreslock 1524 security announcement
dear user,
since the summer of 1998, a shady hacker group known as ‘ingreslock 1524’ havemaintained full access to the playboy enterprises inc. (pei) corporate network. even when the pei websites were defaced by BoW/H4G1S and were ‘secured’, we retained our full access (no, installing ssh doesn’t make you secure).
we did have some very big plans to use the hundreds of thousands of customer details (names, addresses, order history & credit card information) harvested to automatically purchase hundreds of different products from different onlinecompanies (amazon, barnesandnoble, qvc, yahoo, even playboy) to be sent to each playboy customer, thus resulting in over 10 million dollars worth of fraud claims being made to credit card and in turn, insurance companies globally.
incase you think this is some kind of hoax, we have included your personal details below -
Name - OLSEN, JEFFERY L O G-GU
Credit Card Number & Expiry - Vxxxxxxxxxxx36440303
your details are currently circulating the underworld of anarchists and credit card fraudsters, so we highly recommend that you contact your bank before much fraud is committed. we have also distributed over a million e-mailaddresses to marketing and ‘spam’ organisations, so you will certainly have a lot of fun deleting unwanted e-mail into the future!
online companies can learn many lessons from this compromise -
1
- do not use the same root or administrative (oracle, webserv, etc.) user passwords across different hosts on the same network.
- never assume that by installing the latest security patches and installing ssh, that you are secure.
- do not use insecure authentication methods, including nis, nis+ or .rhosts.4. do not protect your passwords with des in your shadow files, use md5.
end users can learn an important lesson from this compromise -
1
- do not trust companies with your details online. its been emotional.
its been emotional. we’d like to thank the playboy systems team for providing us with an interesting and challenging target. i’m sure that a big security company will make easy money auditing their systems and hopefully deploying a more secure network - although we’ll be back to test it again.
martyn luther ping
minister of information
ingreslock 1524
--------------------Headers --------------------
Return-Path: <hef@playboy.com>
Received: from rly-xb01.mx.aol.com (rly-xb01.mail.aol.com
[172.20.105.102]) by air-xb04.mail.aol.com (v82.22) with ESMTP id
MAILINXB49-1119204317; Mon, 19 Nov 2001 20:43:17 -0500th ESMTP id MAIL
Received: from radiotravelshop.com (www.radiotravelshop.co.uk
[195.82.105.112]) by rly-xb01.mx.aol.com (v82.22) with ESMTP id
MAILRELAYINXB18-1119204230; Mon, 19 Nov 2001 20:42:30 -0500P id MAILRE
Received: from ingreslock1524 (localhost [127.0.0.1]) by
radiotravelshop.com (8.9.3+Sun/8.9.3) with SMTP id BAA01586 for
JOLSEN5723@AOL.COM; Tue, 20 Nov 2001 01:40:37 GMTd BAA01586 for JOLSEN
Date: Tue, 20 Nov 2001 01:40:37 GMT
From: hef@playboy.com
Message-Id: <200111200140.BAA01586@radiotravelshop.com>
Content-Type: text/plain; charset=“US-ASCII”
Content-Transfer-Encoding: 7bit