A hacker attack

Since late January, at least eight small e-commerce sites have been hacked exploiting a known security hole in Microsoft software, according to a security investigator and companies and individuals affected by the attacks. The companies were listed on a taunting Web site posted by a hacker claiming credit for the attacks and listing thousands of stolen credit card numbers, sources said. He claims he seized more than 23,000 credit card numbers. The incidents come amid heightened concern about Web security after other high-profile attacks. In January, several top-tier sites, including Yahoo and eBay, were shut down after being flooded with requests for information in "denial of service" attacks. No customer or company data were stolen in those attacks. But close to 350,000 credit card numbers were stolen that same month from music site CD Universe and posted online. A hacker claimed he had the numbers and tried to extort $100,000 from the Web site. The FBI shut down the site where the credit card numbers had been posted.