Welcome

Welcome to my Blog. I mostly re post articles that i find interesting on the web. After the article you will find a link that leads you to the original one.

Monday, February 23, 2009

Another Month, Another Massive Credit Card Data Breach [Data Theft]

via Consumerist by Chris Walters on 2/23/09

Don't be too surprised if you get a letter from your bank or credit union in the next few weeks telling you it's replacing your credit card. If your data was among the latest set compromised, Visa and Mastercard are already alerting financial institutions so they can cancel the account number. There's no official word on which payment processor was hit this time, but our tipster says his credit union told him it was Heartland Payment Systems yet again.



I was just contacted by my credit union that both my MasterCard check cards had been compromised. I was told by my credit union that the breach occurred through Heartland Payment Systems.

I was told that they process the payment for over 175,000 retailers, and that thousands of people at my CU alone had been impacted.

In SC Magazine US, a security expert says that Visa and Mastercard know who the processor is, but won't name names:

The victim in this case appears to be a provider that processes online transactions, said David Shettler, vice president and CTO of Open Security Foundation, a nonprofit that researches data breaches.

He told SCMagazineUS.com on Monday that the group has been receiving tips about the breach since Feb. 12, but few details have been confirmed.

"What concerns me is that Visa and MasterCard, they clearly know who it is," Shettler said. "That just won't say anything because the processor hasn't come clean. The of sort feel it gives people is that Visa and MasterCard are covering for some unnamed organization."

ComputerWorld notes that the blog Office of Inadequate Security has posted notices from "the Tuscaloosa VA Federal Credit Union in Alabama, the Pennsylvania Credit Union Association, the Community Bankers Association of Illinois and the New York State Consumer Protection Board," as well as the Alabama Credit Union (also in Tuscaloosa).

As with the confirmed Heartland breach reported in January, it's likely that only account numbers and expiration dates were grabbed, and not SSNs or PINs.

"Just weeks after Heartland breach, another payment processor said to be hit" [ComputerWorld] (Thanks to Steven!)
"Visa confirms another payment processor breach" [SC Magazine US] (Thanks to Mike!)

RELATED
"Banks starting to report breach at unnamed processor" [Office of Inadequate Security]
(Photo: Ollie Crafoord)

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)