ibill Denies Database Breach, Says Data Doesn’t Match Their Records
DEERFIELD BEACH, FL – A huge cache of stolen customer data recently uncovered by a pair of security firms did not come from a breach of iBill’s security, the president of the beleaguered company told Wired.After cross-referencing the 17 million allegedly stolen records against its own database on Wednesday, iBill President Gary Spaniak Jr. told Wired News that there were only three matches between the two data pools. Spaniak said the records iBill examined also included purchases made using Diners Club cards – a form of payment that iBill has never accepted.
According to Wired, The two databases of allegedly stolen transaction records include names, phone numbers, email addresses, street addresses, and IP addresses of customers who made purchases online. The records also appear to include login codes, card types, and purchase amounts, but not credit card numbers.
The files, both of which had names that implied iBill as the source of the data, were discovered by security companies Secure Science and Sunbelt Software independently. Secure Science found the initial list of 17 million records on a site set up as part of a phishing scam in February of 2005, and reported the find to the Miami field office of the Federal Bureau of Investigation. The second list, with just over 1 million records, was found on a spamming website by Sunbelt Software last month, sporting the file name “Ibill_1m.txt.”
Lance James of Secure Science, who had previously speculated that the data might have been stolen from iBill from within, perhaps by a disgruntled employee, now concedes that the list could be a fake, or falsely identified as iBill data in order to inflate its value to spammers shopping for data on the black market.
“This might be part of a new hacker establishing their reputation,” James told Wired. “They could say, ‘I hacked iBill.’”
According to Wired, Spaniak thinks the lists being erroneously linked to iBill is likely a result of the intense animosity in the adult webmaster community over the various troubles that have dogged iBill for the last several years and caused significant delays in payments being disbursed to iBill clients.
Spaniak said efforts to repay all iBill’s debts are ongoing, and the company intends to honor those debts.
“Over $20 million has been paid back, we have plans for paying back another $18 million,” Spaniak told Wired.