We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
 
74,953 News Articles

Security breach exposes 40m credit cards

Network vulnerabilities allow outsider to access numbers

A hacker has accessed up to 40 million credit-card numbers by infiltrating the network of a company that processed payment data for MasterCard International.

MasterCard has notified banks that issue its credit cards about the security breach, which targeted CardSystems Solutions, a back-office processing company. Those banks will take steps to notify their customers as they see fit.

The network at CardSystems had certain vulnerabilities that allowed an outsider to access the card numbers, 13.9 million of which were connected to MasterCard cards.

The CEO of CardSystems has said the information stolen was held in records that the company was holding for "research purposes". The research involved ascertaining why some transactions were unauthorised or incomplete. The company no longer stores sensitive data on files, the CEO added.

As far as MasterCard is aware, the person who infiltrated the CardSystems network has not yet been identified.

Companies such as CardSystems process payment data for multiple credit card companies, which is why MasterCard numbers accounted for only 13.9 million of the numbers.

Cardholders can dispute purchases that were not made by them with the bank that issued their card, and they will not be held liable for any purchases deemed to have been made fraudulently.

In the wake of the breach being made public, security vendor Secure Computing was the first to discover a phishing scam that used MasterCard in the subject line to alarm email users. The deception seemed hurried, as it didn't mention the security breach, and may simply be an old scam making the rounds again.

Secure Computing expects such fraudulent activity to continue and become more sophisticated in the coming days, specifically referring in subject lines or body text to the latest big-news breach.


IDG UK Sites

Amazon 3D smartphone release date, price and spec: The hologram phone?

IDG UK Sites

You're never alone with a clone: How the App Store got taken over by copycats

IDG UK Sites

PCs vs consoles: PCs still pwn when it comes to gaming (and everything else)

IDG UK Sites

The art of rebranding: Creative agency The Neighbourhood explains how & why it rebranded