The credit card details of 98,000 customers may have been compromised in a web hack branded as "horrifying" by a leading security analyst.
Bibliofind, a subsidiary of e-tailer Amazon, has been partially shut down after it was discovered that unknown individuals had been accessing customer information on its server between October 2000 and February 2001.
The breach came to light after the website was defaced last week. Bibliofind is still running the site but is not handling financial transactions and has removed customer details.
"The big question is why did it take so long for Bibliofind to discover it?" asked Richard Stagg, senior security architect at Information Risk Management.
He explained that the decision to remove customer details from the site after the breach was discovered amounted to "shutting the stable door after the horse had bolted", adding that the scale of the breach would shatter confidence in e-tailing.
Bibliofind spokesman Jim Courtovich said that the hack had been reported to the FBI, and that all 98,000 customers would be informed by email.
He added that there was no evidence that any credit card details had been misused, and that customers were being warned as a precautionary measure.
Amazon said that it runs its operation on a totally different system and was not affected.
Using photocatalysts to convert carbon dioxide into usable energy such as methane or ethane
Trained on curated data from Moorfields Eye Hospital, the neural network also shows clinicians how it reached its judgement
Yokohama National University demonstrate technology that could lead to a fault-tolerant universal quantum computer
Top-of-the-range Threadripper 2990WX now available from Scan, Ebuyer, Overclockers, Novatech and Amazon