Music Website Announces Data Breach

A website that sells instruments and other audio equipment has informed 274 of its customers that their payment card information may have been stolen, the Associated Press reports via the New York Post.

The site, Bananas.com, touts its relationships with popular recording artists like Carlos Santana and Dave Matthews, according to the AP.

The company issued the warning on Wednesday, a month after an unknown perpetrator hacked into the site, the AP reports.

San Raphael, Calif.-based Bananas.com told the AP that none of its celebrity clients was among the customers who had their information stolen.

The hacker’s means of entry into the site’s system is still unknown, according to the AP.

J.D. Sharp, the site’s owner, told the AP the company has since modified customers’ passwords, and added a number of additional security controls to prevent another such breach.

The incident was first uncovered when a Web surfer identified only by the name of “SmookeR” reported in an Internet chat room that compromised credit card information was being offered up for sale, the AP reports. SmookeR then released personal information on at least 31 Bananas.com customers in February, including names, addresses, phone and credit card numbers, according to the AP.

Patrick Klein, a 42-year-old New York City-based customer of Bananas.com, told the AP that he received a call from his bank, attempting to confirm credit charges from France that he never placed.

“I’m a little stunned I’m the victim of something you read about a lot but don’t expect to have happen to me,” Klein told the AP.

Dan Clements, identity protection services company CardCops’ chief executive officer, said he sent evidence of the breach to Bananas.com on March 1 but never received a response, according to the AP.

Sharp said the employee who received Clements’ e-mail was on vacation, the AP reports.

For related CSO content, check out When the Dike Breaks: Responding to the Inevitable Data Breach and The Five Most Shocking Things About the ChoicePoint Debacle.

For related news coverage, read Mich. Man Charged with Hacking into GM Database.

Keep checking in at our CSO Security Feed page for updated news coverage.

Copyright © 2006 IDG Communications, Inc.

Subscribe today! Get the best in cybersecurity, delivered to your inbox.