Help! Website hacked

[InTheBlue]

My website has been hacked by a competitor who has been stealing all my customers details

I found out from several customers.

I know the person hosting the website should have stopped this and he has had a huge B*LL*CKING but too late now.

Is there any legal recourse?

What other options are there that are within the law even if just within?[/b]

[x9200]

This falls under Computer Misuse Act (Chapter 50A of the Statutes) and it is a crime with the penalty of a fine not exceeding $5,000 or an imprisonment for up to 2 years or to both. Go and report it to the police.
Plus you can claim your business damages within a standard civil trial.

[InTheBlue]

x9200 Thanks for that.

The company/guy that hacked me is in the States. Can I still go after him cross border?

[x9200]

I suggest you go to a police station and ask. I have no experience how this kind of things are handled in Singapore but the police can always ask for a legal help in the States. It can be all complex, lengthy and the police here is very pragmatic so IMO it is good to ask them if they are going to handle this part. Business is under special protection in SG so hard to guess - hacking your private PC would unlikely get them involved.
If the person from the States hacked your DB and later voluntarily approached your competitor then I guess it will be a minor offense. If the competitor found a hacker and paid him to hack your DB it should be something more heavy.

[carteki]

I think that you are going to have more joy going after him in the US legal sytem. If he is found guilty here, there is very little way of enforcing the judgement unless he enters the company.

(How about mentioning this to mutual suppliers and people in the industry etc - they won't like it either and it will cause him reputational damage)

[nutnut]

Doesn't it depend on where the crime was committed? if the hosting is done in the US and the hacker/competitor are in the US, then the law suit should be in the US I think

[x9200]

(How about mentioning this to mutual suppliers and people in the industry etc - they won't like it either and it will cause him reputational damage)

Without a proof the competitor will eat him alive in the Singapore's favorite of all the times show called the defamation case.

[Strong Eagle]

I think you are not going to have much joy at all. Unless you've got proof that you were hacked by your competitor, for example, confirmation of access to your files by your competitor's IP address, what are you going to use for proof?

Saying that your customers got calls from your competitor won't wash - you would need to prove that any lists of customers came from your website - how are you going to do that?

And, what do you expect to win in damages? Do you want to see him prosecuted for criminal theft and computer hacking?

I'd file a report with the DA, make sure my website is secure, and forget about it. A lawsuit will be long and ugly, and unless you are guaranteed a big basket of fruit at the end to make you whole again, you probably won't be satisfied with the outcome.

[ecureilx]

by your competitor's IP address

Don't quote me but even with proof of the IP, as I witnessed, a company got caught, they fired an employee saying he was rogue and then promised to vet their staff more closely in the future and took no responsibilty and went on to service the stolen customers ..

A simple site protection system would have meant a lot, especially if your site has less dynamic site ..

[InTheBlue]

I think, from what you are all saying, that I have no legal recourse without great financial expense.

I think I just have to improve security and not spend too much head space on this.......

but if anyone has a friendly hacker based in Morocco or Paraguay that has no extradition to any other country please forward me the details.

Other than that I am sure that I am helpless.

thanks for all responses guys and gals.

[ecureilx]

I think, from what you are all saying, that I have no legal recourse without great financial expense.

I think I just have to improve security and not spend too much head space on this.......

but if anyone has a friendly hacker based in Morocco or Paraguay that has no extradition to any other country please forward me the details.

Other than that I am sure that I am helpless.

thanks for all responses guys and gals.

Anyway, you can still approach the Police for advice

http://www.spf.gov.sg/abtspf/cid.htm

(used to be Computer Crime Branch, short form .. )

As for Morocco or Paraguay, you could also look at Estonia and Romania (apparently the two are known as hacker's paradise and offer special deals. .. )

[nutnut]

but if anyone has a friendly hacker based in Morocco or Paraguay that has no extradition to any other country please forward me the details.

I am sure you are only saying this as a joke in the heat of the moment! You must be careful to clarify these kind of jokes on public forums, you don't want to implicate yourself if anything happened to them.

[Strong Eagle]

but if anyone has a friendly hacker based in Morocco or Paraguay that has no extradition to any other country please forward me the details.

I am sure you are only saying this as a joke in the heat of the moment! You must be careful to clarify these kind of jokes on public forums, you don't want to implicate yourself if anything happened to them.

I think that if one were to post on the correct forums that one's website had been hacked, there would be a body of benevolent hackers who would want to go in and find out what happened... just sayin'...

[ttlucian]

Have you had any further developments on this? What is your hosting company saying.