Egghead incident points out need to track online accounts

A recent break-in at's Web site has raised concerns about credit card theft. Security expert John McCormick says let this be a warning: Keep track of which credit cards you've used at which Web sites.

Does your organization deal with If so, you probably received an e-mail notice regarding a recent hack of its systems. The FBI is currently investigating the break-in at Egghead’s secure Web site. As Egghead president and CEO, Jeff Sheahan, disclosed on Jan. 8, 2001, "At this point, it is difficult to determine whether any fraudulent activity on this relatively small number of credit cards can be traced back to the attack on our system or whether it may be the result of credit card theft elsewhere…the evidence we have gathered to-date suggests that these credit card numbers were NOT obtained from our site.”

In a nutshell, it is not Egghead’s fault. It did everything right.

That may be, but it really doesn't help if someone in your business used a company credit card at and put your company at risk for credit card theft. You still need to cancel the card to avoid potential problems.

If your company uses credit cards for online purchases, this is a good time for your security officers to review online purchase practices. Your company credit card purchases are protected by the $50 limit on fraudulent charges. (Businesses and individuals should never use debit cards, which have no such protection.) However, straightening out false charges takes time, and many companies make so many charges for so many different things that some fraudulent charges may slip through the cracks.

What should you do?
This part is simple. Since your company uses dozens of credit card numbers to help manage expense reports, it's vital that someone keep track of every Web site where a credit card has been used and record exactly which credit card number has been given out. That way, when something such as the recent Egghead incident crops up, you won't be faced with canceling all your cards because you can't tell which one(s) have been compromised. For another alternative, check out my related article on using the American Express card to avoid online theft.

Have you been ripped off before?
If you'd like to share your opinion, start a discussion below or send the editor an e-mail.


Editor's Picks

Free Newsletters, In your Inbox