Headline Feeds
The Consumers' Association, a British advocacy group that campaigns to increase online security, said Friday that it suffered a security breach in its TaxCalc software site that left the credit-card information of nearly 3,000 customers exposed to unauthorized third parties.
The security flaw affected customers who purchased a copy of the Association's Which? TaxCalc 2001 software from its TaxCalc.com site.
According to the BBC, the flaw was discovered by someone who learned it was possible to download TaxCalc.com pages containing credit card details into Microsoft (Nasdaq: MSFT) FrontPage. Once the discovery was made, the person reported the incident to the London Times, which then informed the Consumers' Association.
"The TaxCalc site will remain shut until this problem has been resolved," said Kim Lavely, deputy director of the Consumers' Association. "We will be advising them to contact their credit card issuers to cancel their cards."
Taxing Situation
TaxCalc guides users through the process of completing British Self Assessment tax returns.
According to IDP Ltd., the UK software publisher that created the program for the Consumers' Association, TaxCalc has sold almost 250,000 units since Britain implemented self-assessment tax returns.
IDP said on its Web site the security issue is limited to customers who purchased TaxCalc directly from TaxCalc.com. The Consumers' Association has commissioned an independent security expert to conduct a security audit on the TaxCalc site.
How Ironic
The most recent annual Internet survey conducted by the Consumers' Association own research group, Which? Online, found that 72 percent of British Internet surfers are worried about online fraud.
In June 1999, Which? Online launched the Which? Web Trader program to encourage the development of a safe and secure online shopping environment for consumers.
The program provides approval logos to Web sites that meet the e-commerce and security standards pre-established by Which? Online. One of the standards says that approved sites must ensure that their Web sites are secure "so that consumers' personal information and transactions remain confidential and cannot be interfered with."
Last year, the Web Trader program became affiliated with Trust UK, an e-commerce code of practice accreditation body formed by the Alliance for Electronic Business and Consumers' Association, with backing from the UK's Department of Trade and Industry.
Cobbler's Shoes
This is the second security breach this week to impact an organization that specializes in Internet security or fraud.
On Monday, Anacom Communications, an online credit card processing and security provider, announced its databases were illegally accessed and fraudulent transactions were taking place using the merchant accounts on the Anacom network.
Anacom is the developer and owner of the WebCharge, WebCheck and Internet
Fraud Screening (IFS) payment processing gateways and technologies.
Talkback: 
