Rumours are swirling around the hacking of the computer system at Hamilton-based food company Aria Farms last month. The hacker gained access to part of the company’s customer database and sent out spurious recall notices for one of its leading products, with the clear aim of impacting confidence in quality.
According to one of the designers of the system, Anthony Morse at Hamilton’s Ultimate Design, entry was probably gained through knowledge of a user-name and password “that may have been gained from a stolen computer.”
Other sources have suggested a vendor’s default password was left in a network router, but Morse discounts this, and Maarten Kleintjes at the Wellington e-crime laboratory says it is too early to be sure how entry was effected. The lab was “tracing [suspect] IP addresses,” he said last week, but it has a number of more urgent cases on its books and he was unable to estimate when further progress might be made.
Aria’s database system was “four or five years old” and some of the email addresses stored in it could be found quite easily, Morse says. But most of the emails that the hacker attempted to send out were stopped. “[Local] media were wrong about the scale of the problem,; they said about 3,000 customers were involved; it was only a fraction of that.”