Millions of credit cards plundered by hackers
Results 1 to 9 of 9

Thread: Millions of credit cards plundered by hackers

  1. #1
    In And Above Man Black Cluster's Avatar
    Join Date
    Feb 2005
    Posts
    912

    Millions of credit cards plundered by hackers

    More than 40 million credit card customers are at risk of fraud after hackers pilfered data from a US company that processes online transactions.

    CardSystems Solutions, a payment processing firm based in Arizona, US, has also admitted to backing up thousands of records - contrary to proper procedure - potentially giving hackers easy access during the network intrusion.

    The breach was identified by Mastercard, which commissioned an independent investigation at CardSystems Solutions, following an unusually high number of fraudulent transactions.

    The investigation was carried out in May 2005 by computer forensics experts who discovered a rogue computer program installed on the company's network and found evidence that more than 40 million sets of credit card details may be been stolen by cyber-intruders. Several tens of thousands of cards are at particular risk, as there is clear evidence they were copied from the system.

    “Research purposes”
    On Friday, 17 June, Mastercard issued a statement warning that 13.9 million of its customers are among those affected. And a statement issued on the same day by CardSystems Solutions emphasises the severity of the break in. "We understand and fully appreciate the seriousness of the situation," the statement reads. "Our customers and their customers are our lifeblood. We are sparing no effort to get to the bottom of this matter."

    But CardSystems has also admitted to mismanaging thousands of card records which were subsequently stolen. John Perry, chief executive of CardSystems Solutions, told The New York Times that more than 200,000 records had been backed up on its systems for "research purposes", contrary to proper procedure.

    Mastercard and Visa prohibit payment processing companies from retaining card information after a transaction has been completed. "We should not have been doing that," Perry says. "That, however, has been remediated."

    Single breach
    Investigators first step will be to trawl through logs to try and identify the network addresses of the computer used to break into the network, says Neil Barrett, a computer security expert with UK company Information Risk Management.

    However, he adds that such information can be fairly easily disguised in order to frustrate the efforts of investigators. Another approach is to watch for fraudulent transactions involving stolen information, and then attempt to trace this back to the culprits of the break-in.

    Peter Sommer, a computer security expert at the London School of Economics, also in the UK, says the incident merely highlights the dangers of mishandling sensitive customer data. "There's nothing new about this risk, and the end user can do nothing," Sommer told New Scientist. "Most security breaches happen simply because hackers are persistent. And, if you are holding important information like this, you can't afford a single breach."

    Barrett also admits that such a crime seems inevitable, given the number of transactions occurring online everyday. "It's criminal business as usual, I'm afraid," he says.


    Source
    \"The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards - and even then I have my doubts\".....Spaf
    Everytime I learn a new thing, I discover how ignorant I am.- ... Black Cluster

  2. #2
    Member
    Join Date
    May 2002
    Posts
    93
    Not trying to be a jerk, but this is over a month old.

    http://www.antionline.com/showthread...it+card+stolen

    Plus see the date on the source article

    Just a heads up so folks don't think this happened again since.
    Tachyon

    |-----|Alcohol is my anti-drug |-----|

  3. #3
    In And Above Man Black Cluster's Avatar
    Join Date
    Feb 2005
    Posts
    912
    Hey thanks,

    I tried the search engine but with no avail ... not matches were found ...

    sorry for posting it again ....
    \"The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards - and even then I have my doubts\".....Spaf
    Everytime I learn a new thing, I discover how ignorant I am.- ... Black Cluster

  4. #4
    Member
    Join Date
    May 2002
    Posts
    93
    No worries! =)

    It's monday after all.
    Tachyon

    |-----|Alcohol is my anti-drug |-----|

  5. #5
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    I think or more current relevance would be these stories.
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  6. #6
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    Originally posted here by Black Cluster
    Hey thanks,

    I tried the search engine but with no avail ... not matches were found ...

    sorry for posting it again ....
    Well, I think the point is, the ARTICLE you linked is that old...
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  7. #7
    Senior Member hesperus's Avatar
    Join Date
    Jan 2005
    Posts
    416
    Update :

    Visa bars CardSystems from handling any more transactions.
    In a new development, Visa USA have taken the unprecedented step of barring CardSystems from handling any further Visa transactions;

    "CardSystems has not corrected, and cannot at this point correct, the failure to provide proper data security for those accounts," said Tim Murphy, Visa's senior vice president for operations in a memorandum sent to several banks. "Visa USA has decided that CardSystems should not continue to participate as an agent in the Visa system."

    Yesterday, CardSystems CEO John Perry was up before Congress to answer questions from the House Financial Services Committee, which is holding hearings into the current spate of data thefts. Perry told Reuters he thought prospects for CardSystems looked bleak:

    "With that staring us in the face, it certainly means we would go out of business because, if you can't process with a major brand such as Visa, you can't process at all,"
    Source

  8. #8
    AO Senior Cow-beller
    Moderator
    zencoder's Avatar
    Join Date
    Dec 2004
    Location
    Mountain standard tribe.
    Posts
    1,177
    I wonder who handled their PCI assessment? It either was done very poorly, or they get a very bad report back and didn't make enough effort to change their ways.

    Either way, I applaud Visa's decision. Companies that play hinky games with personal information need to get slapped when they don't excercise due dilligence.
    "Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --Spaf
    Anyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
    "...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore

  9. #9
    Senior Member
    Join Date
    Jul 2005
    Posts
    277
    thank goodness i'm still paying on a maxed-out mastercard from freshman year!
    its amazing how quickly five hundred can multiply (several times over!)

    hack up!!!
    Difficult takes a day, Impossible takes a week~Kthln01!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •