Hershey hacked by attacker who changes recipe rather than steal data

SC Magazine UK, Dan Raywood, August 4, 2011

A hacker managed to penetrate the website of confectionary giant Hershey and change a recipe. While the hacker left without taking any financial data, it is possible that passwords, email addresses, mailing addresses and birthdays of any consumer that registered on the site could have been accessed as they were stored on the same server as the recipe. In an email to customers, Hershey did not reveal which particular baking recipe the hackers altered, although it did say that there was ‘no indication’ that the data had been accessed. It said: “Consumers rely on us for this information, and we take the quality of our baking and cooking recipes very seriously. We have corrected the issue and taken steps to enhance the security of this information. We have thoroughly investigated the situation and reviewed the recipes on this site to ensure their quality.” Shannon Simpson, sales and marketing director at CNS, said: “Hackers are not always looking to expose companies, but often to embarrass them or highlight vulnerabilities. The implication of a defaced website is usually that security vulnerabilities exist. “Whilst it might be easy to dismiss the Hershey’s recipe hack, it does raise questions about how to secure data and what to do in the event of a breach. We recommend that all businesses start with a review of the data they’re holding, look at the architecture of your environment, categorise information and protect it according to its value and risk of loss. http://www.scmagazineuk.com/hershey-hacked-by-attacker-who-changes-recipe-rather-than-steal-data/article/209061/

Advertisements
  1. Leave a comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: