Online porn site Playboy.com has been penetrated by hackers who claim they have been poking around customers' credit card details since 1998.

Playboy president Larry Lux confirmed that the hackers had gained access to a number of credit card details and urged people to contact their issuing companies to determine whether their cards have been used for unauthorised purchases.

An email to affected customers from a hacker going by the alias Martyn Luther Ping warned that the group had "some very big plans" to use the compromised details to make purchases "resulting in over $10m worth of fraud".

The fact that the hackers emailed customers with their harvested details goes some way to prove that the warnings are genuine. The intruders also claimed to have had their hands on confidential company information for nearly three years.

Perhaps Ping's identification of himself as "minister of information ingreslock 1524" offers some insight into the nature of the hack. Ingreslock 1524 is a TCP port commonly used for a root shell in Solaris exploits.

And Playboy.com is running its front end on Solaris, so maybe back-end systems, including transaction servers, are running the same operating system.

The company has called in law enforcement officials to investigate the breach, but was quick to point out that "Playboy is only one of a number of high-profile companies which have been subjected to this kind of malicious hacking".