posted on June 18, 2005 09:04:35 AM new
OMG! This is getting scary. Its happening more and in greater volume every day!
-------------------------------------------
40M credit cards hacked
Breach at third party payment processor affects 22 million Visa cards and 14 million MasterCards.
June 18, 2005: 11:33 AM EDT
By Jeanne Sahadi, CNN/Money senior writer
NEW YORK (CNN/Money) - A security breach has occurred at a third-party processor of payment card transactions that affects over 40 million card accounts, Mastercard International said Friday.
Of the cards involved, 13.9 million were MasterCard-branded cards, which include Maestro and Cirrus, and 22 million were Visa cards, said Visa spokeswoman Rhonda Bentz.
The breach took place at the Tucson office of CardSystems Solutions, which processes transactions on behalf of financial institutions and merchants. CardSystems said in a statement that it identified the breach on May 22 and contacted the FBI the next day.
Mastercard learned the final details of the breach this week, according to spokeswoman Jessica Antle. "It looks like a hacker gained access to CardSystems' database and installed a script that acts like a virus, searching out certain types of card transaction data."
"We're working with the FBI. It's a criminal investigation," Visa's Bentz said, noting that CardSystems "was out of compliance" with Visa's security standards when the breach occurred and that Visa would review whether it would continue to work with CardSystems when the case is resolved.
CardSystems said it has taken measures since discovery of the breach to enhance its security procedures.
Mastercard said in a statement that it is giving CardSystems "a limited amount of time to demonstrate compliance with Mastercard security requirements."
FBI spokesman Rex Tomb couldn't give more details about the case, saying only that "we're looking into it. But there's nothing more we can say at this time. It's a pending case."
MasterCard said it is giving member financial institutions the specific card account numbers that may have been compromised.
The credit card information exposed in the breach did not include any Social Security numbers, birth dates or other highly sensitive personal data, Mastercard said.
Consumers receive protection if unauthorized charges are made on their credit cards. MasterCard and Visa, for instance, have zero-liability policies.
Bentz said Visa will be monitoring the accounts closely and should know before cardholders if there has been any fraudulent activity. Thus far, she said, "We haven't seen anything outside of the norm."
If ever you notice unauthorized charges on your credit card, you should notify your card issuer immediately.
The breach reported by Mastercard on Friday is one in a long line of breaches reported this year by consumer data aggregators like ChoicePoint, retailers such as DSW and corporations such as Time Warner, parent company of CNN/Money.com.
Rather than a rash of illicit activity, experts say, the slew of reports may have more to do with companies wishing to protect themselves in the wake of a California state law requiring businesses to notify its customers when their personal information has been exposed in a security breach.
Illinois this week became the second state to pass such a law.
Concerned about your ID being stolen? Click here.
To learn more about the companies that profit off your personal information, click here.
posted on June 18, 2005 09:08:01 AM new
Thank God I don't own a credit card! I do use my debit card constantly, but I don't know if those were effected.
posted on June 18, 2005 09:37:04 AM new
Cheryl, I think if your debit card has a mastercard or visa logo its through their system as well - but I'm not sure!
I just looked at my credit card statement and it's got a balance of thousands of dollars that's been building up for more than a year! All the charges are from eBay and local stores whose names I recognize cause I've shopped there. And now I hear that my CC info could have been spread all over the world!
I wonder how much longer it'll be till this kind of fraud is so common that I can use it as an excuse for not paying my bill?
--------------------------------------
Quidquid Latine dictum sit altum sonatur.
posted on June 18, 2005 10:03:13 AM new
In addition, your Visa or MC branded debit card goes straight into your checking account. I don't know if those cards have the same zero liability as the credit cards. If they don't, you could be giving the bad guys a key to your actual bank account, not just a credit card.
____________________________________________
Fue por lana y salió trasquilado...
posted on June 18, 2005 11:05:33 AM newCardSystems said it has taken measures since discovery of the breach to enhance its security procedures.
Never ceases to amaze me that these companies are always so quick to say they WILL take care of what should have been in place BEFORE these breaches took place, not after they've already occured.
And if there was some way that we could get these hackers, who usually turn out to be young, intelligent men, turned around in a more positive direction where they could put their brains and computer skills to better use....
But I was glad to read that the SS#s weren't in the same data base though - as identity theft is a growing area of crime, now-a-days. An area that concerns me much more than CC charges do.
Most of my friends do all their banking online....and it's SO convenient....but until the online security situation becomes much more reliable/stable/safer I plan on doing mine the old fashion way.
posted on June 18, 2005 07:41:01 PM new
We have a 2 Visas (not debit cards)& 2 MC, 1 AMEX, so we will have to be checking this out
BUT! We were the lucky ones that have a loan with Citifinancial and they called to 'We regret to inform you, that all your information, SS#, etc were on computer tapes and were lost' Great
We are definitly dumping all CC's except one Visa and the Amex. No need for so many.
My brother has so many he keeps them tied up with a rubber band. (he's an idiot, but in a good way )
posted on June 18, 2005 08:52:36 PM new
I bet that will make you sleep good tonight NTS - Not.
I thought they got no SS numbers as that what they said. They got no pertinent information doesn't that include SS numbers etc.
Well I only have a mastercard debit card and if they try and use that it will not give them to much.
Aren't the customers protected even if the hackers try and get money. Do the CC companies have to go good for it? I didn't read to much about it because we have no credit cards.
_________________
I talked to someone at the bank yesterday and yes, the debit cards can also be effected. I was also told that since the bank is FDIC insured, any money taken would be returned. That was a bit comforting, but the idea that this happened at all is unnerving.
posted on June 19, 2005 07:46:18 AM new
You bet it's unnerving. Our personal and financial information is being gradually concentrated into fewer and fewer databases. It won't be long before hackers won't just find out a single account number, they'll also know your health information, work history, and how many 6 packs of beer you bought last week.
Welcome to the future. There'll never be a hackproof system. The only solution is to pay cash, don't even use a debit card. I'm not saying I do that, but I know I should.
It's laughable that the proponents of electronic voting think the systems are safe without paper backup.
____________________________________________
Fue por lana y salió trasquilado...
posted on June 19, 2005 08:00:19 AM new
Libra, no they didn't get SS#'s on this latest HUGE CC theft
They DID get ours through CitiFinancial.. only a few thousand were 'affected' when they 'lost' the computer tapes that all the info was on. And lucky us!, we were one of the few thousand
The hackers that got into cardsystems did not (as far as I can tell) get any social security numbers
But now our identity and credit is comprised because of a car loan through Citi, yeah, its not fun!
posted on June 19, 2005 09:32:06 AM new
Yes I talked with my daughter today and they got all her information on her GMC card. The internet although they say it is safe there is always a group that is trying to make a living on other peoples money. That is sad.
)