Graham Cluley’s blog

A 60-year-old man has been arrested and indicted on charges of hacking into and attempting to extort money from the North American branch of luxury car firm Maserati.

According to media reports, Bruce Mengler is accused of hacking into Maserati's network in March of this year, stealing information about potential customers.

Maserati had been running a special promotion sending out fliers inviting customers to test drive Maserati vehicles. In return, potential customers could receive gift certificates redeemable at Omaha Steaks.

The indictment says that Mengler broke into the website, downloaded the customers' information and then threatened to publicise the security breach via email unless Maserati paid him.

Mengler, who lives in Solana Beach, near San Diego, is said to have made threats against from a Google Gmail address: sol.beach@gmail.com. He is scheduled to appear in court again on 31 October.

If a hacker was able to gain access to customer information via the promotional website then there is a clear warning here to all companies that they need to properly secure their public websites. It's all very well asking for potential customers to enter their names and addresses in exchange for free steaks, but you'll be dealing with higher stakes (groan...) if your website is not properly defended.

* Image source: Dwaas76's Flickr photostream (Creative Commons 2.0)