This story was written by Keith Dawson for the Industry Standard's Media Grok email newsletter. It is archived here for informational purposes only because The Standard's site is no more. This material is Copyright 1999-2001 by Standard Media.

Bibliofind Owned By Hax0r D00dz

Mar 06 2001 12:00 AM PST

The online rare-book dealer says it has been visited by hackers since last October.

As Amazon's stock zoomed yesterday, news emerged of a serious security breach at one of its subsidiaries., based in Massachusetts, revealed that a week ago it discovered that its system had been visited by intruders "monthly" since last October. The company announced that personal data on 98,000 of its customers, including credit-card numbers and addresses, had been compromised.

Amazon bought Bibliofind's parent company,, in 1999. Bibliofind lists more than 20 million rare books and ephemera for sale by independent booksellers.

News outlets gave the break-in story scant coverage yesterday and today. InternetNews was among the first to post on Monday, and its sister operation InternetNewsRadio led yesterday's newscast with a story on the security breach. Most of the press accounts leaned hard on a statement by an spokesman that no customer data at the parent company had been put at risk.

CNN reported that when Bibliofind reopened for business on Monday, it was operating strictly as a matching service for buyers and sellers of rare books, not as a broker of monetary transactions.

Many outlets quoted Bibliofind spokesman Jim Courtovich's account of the fiasco, but none raised an eyebrow at what he had to say. The company discovered the four-month-old, ongoing compromise of its customers' data only when hackers defaced the front page of on Feb. 26. What does a hacker have to do to get noticed around here, jump up and down screaming? Courtovich claimed that the company had no reports of any misuse of customers' data, but no reporter asked him why someone who noticed unauthorized charges on his credit card would think to tell Bibliofind about it.

Putting the break-in in perspective, James Mackintosh reported for London's Financial Times that online credit-card fraud had grown much less than expected in 2000. He quoted a study done by a payments clearinghouse that implicated organized crime in the bulk of credit-card scams. Finds Out It Has Been Hacked
Seattle Post-Intelligencer

Hackers Tap Credit Card Info at Bibliofind

Hack at Amazon-Owned Service Exposes Thousands
CNET Unit Bibliofind Says Credit-Card Data Were Compromised
Wall Street Journal
(Paid subscription required.)

Online Fraud Grows More Slowly Than Feared
Financial Times