We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Security breach exposes 40m credit cards

Network vulnerabilities allow outsider to access numbers

A hacker has accessed up to 40 million credit-card numbers by infiltrating the network of a company that processed payment data for MasterCard International.

MasterCard has notified banks that issue its credit cards about the security breach, which targeted CardSystems Solutions, a back-office processing company. Those banks will take steps to notify their customers as they see fit.

The network at CardSystems had certain vulnerabilities that allowed an outsider to access the card numbers, 13.9 million of which were connected to MasterCard cards.

The CEO of CardSystems has said the information stolen was held in records that the company was holding for "research purposes". The research involved ascertaining why some transactions were unauthorised or incomplete. The company no longer stores sensitive data on files, the CEO added.

As far as MasterCard is aware, the person who infiltrated the CardSystems network has not yet been identified.

Companies such as CardSystems process payment data for multiple credit card companies, which is why MasterCard numbers accounted for only 13.9 million of the numbers.

Cardholders can dispute purchases that were not made by them with the bank that issued their card, and they will not be held liable for any purchases deemed to have been made fraudulently.

In the wake of the breach being made public, security vendor Secure Computing was the first to discover a phishing scam that used MasterCard in the subject line to alarm email users. The deception seemed hurried, as it didn't mention the security breach, and may simply be an old scam making the rounds again.

Secure Computing expects such fraudulent activity to continue and become more sophisticated in the coming days, specifically referring in subject lines or body text to the latest big-news breach.

IDG UK Sites

Best camera phone of 2015: iPhone 6 Plus vs LG G4 vs Galaxy S6 vs One M9 vs Nexus 6

IDG UK Sites

In defence of BlackBerrys

IDG UK Sites

Why we should reserve judgement on Apple ditching Helvetica in OS X/iOS for the Apple Watch's San...

IDG UK Sites

Retina 3.3GHz iMac 27in preview: Apple cuts £400 of price of Retina iMac with new model