ELightBulbs.com - 17/03/2014

Elightbulbs.com is in a series of companies who have had security breaches due to exposure of ColdFusion weaknesses. The online company was contacted by Discover card alerting them to a pattern of fraudulent activity on cards that were recently used at their store. This is a similar incident to what happened with Smucker's. ELightbulbs.com was listed in the ColdFusion botnet panel. The Vice President of the company, Paul McLellan said "he first learned of the breach on November 7, 2013 from his company's processor, Heartland Payment Systems". He also stated that "shortly before we were told by Heartland, we paid $6,000 a year for a company to brutalize our server, for protection and peace of mind. Turns out this flaw had existed for two years and they never saw it."The FBI has stated that group responsible for the attack have also compromised much higher-profile targets as well.