90-year-old Alabama toymaker’s website hacked by grinches | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

It’s the most wonderful time if you’re a toy retailer – but hackers tried to spoil the holiday season for an Alabama toy company owned by a 90-year-old Anniston woman.

Lucy’s Toys withstood a phishing onslaught that attempted to compromise the company’s email and website just as shoppers started looking for gifts.

“We were frustrated more than anything,” Tom Moore, one of the family, said. “We don’t want anybody’s information to be compromised, and we don’t think that happened.”

Lucy Moore of Anniston was a schoolteacher when she founded Lucy’s Toys back in 1966, turning a sewing hobby into a business making stuffed animals, plush toys and puppets. Since then, four of her children, including Tom, have had a hand in the company.

This week, Lucy is on the road to Ohio for a craft fair, where the company does about 70% of its business. But Tom said the family noticed a few strange things last Wednesday morning, right before Thanksgiving.

“Our email had been hacked,” he said. “Somebody sent out a big phishing email to our customers, changed the autoreplies, and I started hearing from people who got the emails.”

The email went out to several hundred customers. He thought the problem was fixed, with the help of his daughters. But by Saturday morning, the company’s website was down.

Tom said it was hard to determine how long the site had been affected, and as the company does not host the site, the problem took the better part of a day to fix. Later, it was obvious the hackers were after more. As many as 150 fake orders were made, totaling less than $20 each, attempting to access credit card information. But that data is handled by another company.

“We don’t massively market to the world,” he said. “Our main focus is mostly people who already know us and have seen our product. Only a small portion of our business is through the Internet.”

The percentage was just enough to be concerned, especially during the busiest time of the year. Yet by Sunday night, orders were moving again.


Click Here For The Original Story From This Source.

National Cyber Security