Security breach may have exposed 40M credit cards

Tom Krazit   Today’s Top Stories   or  Other Security Stories  

Google's Universal Search for Business Driving BI Value with Data Integration: Overcoming the Thorniest Challenges Gain a faster, cheaper way to manage workload Surviving and Thriving in Tough Times Survey: Business Intelligence Maturity and the Quest for Better Performance BI @ The Speed of Business SaaS Solutions for Remote Systems Management Learn-Fast Guide: Software as a Service is Growing Up Mobility @ the Speed of Business Sign up to receive Business Intelligence Resource Alerts

June 17, 2005 (IDG News Service) -- A hacker was able to access potentially 40 million credit card numbers by infiltrating the network of a company that processed payment data for MasterCard International Inc. and other companies, MasterCard said Friday.

MasterCard has notified banks that issue its credit cards about the security breach, which victimized CardSystems Solutions Inc., a Tucson, Ariz. back-office processing company, said Jessica Antle, a MasterCard spokeswoman. Those banks will then take steps to notify their customers as they see fit, she said.

The network at CardSystems had certain vulnerabilities that allowed an outsider to access the card numbers, 13.9 million of which were connected to MasterCard cards, Antle said. MasterCard's fraud detection system first became aware of the infiltration in May, and the company promptly launched an investigation into the breach.

However, the complicated investigation was not completed until earlier this week, when MasterCard was able to determine which credit card numbers were exposed and notify the banks that issued those cards, Antle said. Ubizen NV handled the initial forensic investigation, and the case has also been turned over to the FBI. As far as MasterCard is aware, the person who infiltrated the CardSystems network has not yet been identified.

Companies such as CardSystems process payment data for multiple credit card companies, which is why MasterCard numbers only accounted for 13.9 million of the numbers, Antle said. No other types of personal information, such as Social Security numbers, were compromised in the breach, she said.

Cardholders can dispute purchases that were not made by them with the bank that issued their card, and card holders will not be held liable for any purchases determined to have been made fraudulently, Antle said.

Security breaches don't always happen through hacking into a company's network. Citigroup Inc. recently notified customers that the credit information of 3.9 million customers was inside a package that disappeared while in transit from New Jersey to Texas in the care of United Parcel Service Inc.

Reprinted with permission from

IDG.net
Story copyright 2008 International Data Group. All rights reserved.

Print this Story

Send Us Feedback

E-mail this Story

Digg this Story

Slashdot this Story

Security breach may have exposed 40M credit cards

"Yes, NASA has confirmed that some laptops taken to the International Space Station were infected with an online-gaming password stealing..." Read more... "Linux is more secure than most operating systems, but Not if you don't practice basic security measures..." Read more... Read more Security posts or See all Blogs

Microsoft warns of IE8 lock-in with XP SP3 Image Gallery: 'Fashion' PCs hit the catwalk Apple whips rivals in consumer purchase plans 'West Wing' creator may be writing movie about Facebook Apple confirms iPhone security bug, promises patch Review: Internet Explorer 8 Beta 2 offers some nifty new features Sprint's WiMax service to include local features Veoh ruling bolsters YouTube effort to fend off $1 billion Viacom suit Google introduces Android apps store Microsoft Office Live Small Biz suffers outage, possibly lost e-mail More top stories...

Scented, other 'fashion' PCs hit the catwalk Best Western forced to play defense on data breach disclosure Target agrees to $6M settlement of accessibility lawsuit Steve Jobs' death greatly exaggerated; Bloomberg obit a mistake Microsoft reveals IE8 Beta 2 Trade body to hear Microsoft complaint against Taiwan company European court won't stop U.K. hacker's extradition to U.S. Panasonic and Sony tout plasma, LCD TV plans at IFA show iPhone gets two AT&T data plans for international travelers McCain's online reach surges in days before Dem convention

15 great gadgets for the back-to-school crowd Here are 15 devices and add-ons that make the back-to-school computing experience extraordinary. The new employee connection: Social networking behind the firewall As Facebook-like apps infiltrate the enterprise, they're integrating the workforce in unforeseen ways. Build a three-screen workstation for $230 or less If you want to expand the visual capabilities of your laptop, you can add two monitors without spending a lot of time or money. The Asus Eee 1000 — more power, still portable The latest iteration of Asus' groundbreaking mini-notebook adds a faster CPU, a larger display and a better keyboard. Windows Vista A to Z Reviews, analyses, how-tos, visual tours, hot issues and predictions about Microsoft's new OS. More Continuing Coverage After 9/11: Homeland Security Apple's iPhone Ask a Premier 100 IT Leader Bill Gates steps down BlackBerry Legal Battle Data Security Breaches Electronic Voting Firefox H-1B Visas HP's Boardroom Scandal Handheld Devices Hurricane Katrina Aftermath Microsoft Legal Issues Microsoft's Vista Open Source RFID Technology SCO's Linux Fight Sarbanes-Oxley Act Spam Voice Over IP Wi-Fi Windows Meta File Vulnerability Windows XP Service Pack 3 IT Careers 2010 Four years from now, the IT field will be a vastly different place. Will you be ready? More Special Reports Premier 100 IT Leaders 2007 Best in Class 2006 Computerworld Horizon Awards 2006 Premier 100 IT Leaders 2006 Salary Survey 2007 Best Places to Work in IT 2007 IT Forecast 2007 Premier 100 IT Leaders 40 Years of Computerworld ASPs, Take Two Best Places to Work in IT 2003 Best Places to Work in IT 2004 Best Places to Work in IT 2005 Best Places to Work in IT 2006 Business Intelligence Home Runs Business Intelligence: Smarter BI Business Intelligence: The Future of BI CRM Goes Vertical CRM: Sober CRM Career Planning Guide 2005 Careers: IT Profession 2010 Computerworld Horizon Awards 2005 Data Management: Mining for Gems Data Management: Taming Data Chaos Development: Hard-Workin' Web Sites Development: New Tools New Choices Development: The New World of Application Development Development: The Web Services Tsunami Development: Web Services Hurdles Disaster Recovery: Preparing for the Worst E-commerce Grows Up E-mail/Groupware: Big Decisions Faces of Mobile IT Forecast 2006 Global Mobile Hardware: Multiple Cores, Multiple Challenges Hardware: On-Demand Un-Hyped Hardware: The Shape of Things to Come Horizon Awards: 10 Cool Cutting Edge Technologies IT Management: Guide to Managing Vendors IT Management: Navigating Global IT IT Management: Recovery Ahead IT Management: The Future of IT IT Management: The Resourceful Project Manager Innovative Technology Awards 2004 Management: Reinventing IT Microsoft in Transition Mobile/Wireless Leaders and Laggards Mobile/Wireless: The Untethered Worker Mobile/Wireless: Tiny Gadgets, Huge Costs Network Management: Taking Control Networking: Turbulence Ahead! Networking: VoIP Goes Mainstream Operating Systems: In the Slow Lane Operating Systems: Linux Goes Global Operating Systems: Should You Nix Unix? Outsourcing: Offshore Buyer's Guide Outsourcing: Outsourcing Dangers Premier 100 IT Leaders 2004 Best in Class Premier 100 IT Leaders 2005 Best in Class ROI: Do the Math! Salary Survey 2003 Salary Survey 2004 Salary Survey 2005 Security Action Plan Security: Compliance Headaches Security: Proactive Security Security: Risk and Reward Security: Tips From Security Pros Souped-up Security Storage: Battling Complexity Storage: Cheap & Secure Data Stores Storage: Stretching Your Storage Dollars Storage: The Lean Storage Machine Storage: The New Rules of Storage Storage: The Ultimate Backup Guide Supply Chain: Missing Links Supply Chain: RFID Reality Check The Business of Security Web 2.0 Security Wireless: Wireless At Work All Zones Application Performance Zone Business Continuity Zone The File Data Management Zone Security Management Zone ITIL Best Practices Zone The SAS Zone Business Intelligence and Analytics Zone Windows Protection Zone Identity & Security Management Zone See your link here

Speeding the time to intelligence Get this Computerworld report free for a limited time, compliments of SAS. Time To Intelligence -- a concept defining how long it takes to get accurate and timely information into the hands of workers who need it most. Do it slower than your competitors and your company is toast. Do it faster, you scorch them. Business Intelligence is the key to optimizing Time To Intelligence, and success there is a combination of people, policies, and technology. Download this executive briefing  From Laggard to Leader: Transforming the Data Center From Laggard to Leader: Transforming the Data Center Register for this complimentary live webcast today! Go to the webcast  Rapid application development, rapid results Download this special report now! (Source: Intersystems) All too many businesses suffer from IT infrastructures that are a hodge-podge of disconnected databases and applications. What's needed is the ability rapidly develop connected applications under a unified service-oriented architecture. InterSystems Ensemble integration environment and Cache database are effective tools in answering this need, delivering a rapid ROI. Download this white paper  White Papers Read up on the latest ideas and technologies from companies that sell hardware, software and services. Transformational Analytics: Virtualizing IT Environments Driving Business Success Through Workgroup Choice and Flexibility Deploying Virtualized NetWare on Linux Whitepaper View more whitepapers

• Security breach may have exposed 40M credit cards

• Microsoft warns of IE8 lock-in with XP SP3
• Scented, other 'fashion' PCs hit the catwalk
• Image Gallery: 'Fashion' PCs hit the catwalk
• More top stories 

SAS Business and Analytics Zone No matter where your organization is on the path toward evolving your IT infrastructure, SAS can adapt to your situation to meet your long-term enterprise intelligence needs. We can help you drive intelligence evolution to the next level, while leveraging and extending the value of your existing IT investments. Learn more in the Business and Analytics Zone See All Zones

Intercept Spam & Viruses With MessageLabs MessageLabs is offering a complimentary 30 day trial of its managed Anti-virus and Anti-spam security solutions. MessageLabs guarantees complete protection against all know and unknown email threats. By providing 24 hour support, your business can increase productivity and decrease risk. Register for a complimentary trial and receive a free datasheet. Download this white paper now!

Since You Asked A weekly storage column from storage analyst, Steve Duplessie of the Enterprise Strategy Group Click here to read the latest column by Steve Duplessie