The FBI's National Infrastructure Protection Center is warning U.S. e-commerce businesses that they continue to be the target of organized hacker activity.
Many online businesses have failed to heed previous FBI advisories urging them to patch security holes, the bureau said. Exploiting weaknesses in Microsoft Windows NT that were recognized as far back as 1998, the hackers have gained access to proprietary information, customer databases and credit card information.
The hackers then attempt to extort money from the victim companies, according to the FBI. They contact the company by fax, e-mail or telephone and offer to secure the system for a fee, otherwise they cannot guarantee that other hackers would not post credit card information on the Internet.
If the company fails to comply, further communications from the hackers become increasingly threatening. The FBI believes some credit card information is being sold to organized crime and that the data may be at risk even if the victim company pays the hackers.
Investigations have traced hacking attacks to organized groups based in Russia and Ukraine. The FBI has identified 40 victims in 20 states.