We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Security breach exposes 40m credit cards

Network vulnerabilities allow outsider to access numbers

A hacker has accessed up to 40 million credit-card numbers by infiltrating the network of a company that processed payment data for MasterCard International.

MasterCard has notified banks that issue its credit cards about the security breach, which targeted CardSystems Solutions, a back-office processing company. Those banks will take steps to notify their customers as they see fit.

The network at CardSystems had certain vulnerabilities that allowed an outsider to access the card numbers, 13.9 million of which were connected to MasterCard cards.

The CEO of CardSystems has said the information stolen was held in records that the company was holding for "research purposes". The research involved ascertaining why some transactions were unauthorised or incomplete. The company no longer stores sensitive data on files, the CEO added.

As far as MasterCard is aware, the person who infiltrated the CardSystems network has not yet been identified.

Companies such as CardSystems process payment data for multiple credit card companies, which is why MasterCard numbers accounted for only 13.9 million of the numbers.

Cardholders can dispute purchases that were not made by them with the bank that issued their card, and they will not be held liable for any purchases deemed to have been made fraudulently.

In the wake of the breach being made public, security vendor Secure Computing was the first to discover a phishing scam that used MasterCard in the subject line to alarm email users. The deception seemed hurried, as it didn't mention the security breach, and may simply be an old scam making the rounds again.

Secure Computing expects such fraudulent activity to continue and become more sophisticated in the coming days, specifically referring in subject lines or body text to the latest big-news breach.

IDG UK Sites

Acer Aspire R11 review: Hands-on with the 360 laptop and tablet convertible

IDG UK Sites

Apple Watch release day: Twitter reacts

IDG UK Sites

See how Framestore created a shape-shifting, oil and metal based creature for Shell

IDG UK Sites

Apple Watch buying guide, price list & where to buy today: Which Apple Watch model, size, material,?......