Music Web Site: Breach Exposed Accounts

March 16, 2006

By Dan Goodin, AP Technology Writer

http://news.yahoo.com/s/ap/20060317/ap_on_hi_te/web_site_breach



A musical instrument and sound gear Web site that advertises its relationship with artists such as Dave Matthews, Carlos Santana and Mary J. Blige notified some customers that their credit card information may have been stolen.

The warning, which came more than a month after someone broke into Bananas.com, was delivered Wednesday after The Associated Press inquired about the breach. The San Rafael-based company said none of its celebrity clients was among the 274 people notified.

Web site operators still are trying to determine how the intruder gained access. Following the discovery, administrators changed passwords and added other safeguards to restrict unauthorized access to the system, Bananas.com owner J.D. Sharp said.

The breach was discovered after an individual identified only by the screen name SmookeR advertised in an Internet chat room the sale of compromised credit card information. In late February, SmookeR released the names, addresses, phone numbers and credit card numbers of at least 31 people who had recently placed orders at the company.

"I'm a little stunned I'm the victim of something you read about a lot but don't expect to have happen to me," said Patrick Klein, 42, a musician living in Queens, N.Y. He said he received a call from the bank that issued his credit card asking if he authorized charges that originated in France.

Dan Clements, chief executive of CardCops, a company that helps shield consumers from identity theft, said he e-mailed evidence of the intrusion to an employee at Bananas.com on March 1 but never got a response.

The employee was on vacation and never got the messages, Sharp said.

[an error occurred while processing this directive]