Computerworld - A computer hacker, or hackers, has gained access to the accounts of more than 5 million credit card customers.
As a result, information was stolen from the accounts of more than 2.2 million MasterCard International Inc. cardholders and approximately 3.4 million Visa U.S.A. Inc. cardholders, according to those companies.
The theft occurred when the system of a company that processes credit card transactions for merchants was broken into, according to a statement released by Visa U.S.A.
Systems operated by Visa and MasterCard weren't compromised, and both companies said they have contacted all the financial institutions affected by the theft.
No information was available about which banks were affected by the theft, but a Visa spokesman said none of the stolen Visa account information has been used fraudulently.
MasterCard is continuing to investigate whether the account information has been used to make purchases, according to Sharon Gamsin, vice president of global communications at MasterCard.
Neither Visa nor MasterCard would identify the company that was hacked, nor would they provide information on how the theft occurred, citing security concerns.
MasterCard became aware of the security breach during the week of Feb. 3, Gamsin said.
Visa and MasterCard, like other credit card companies, use third-party companies to manage credit card transactions between merchants and the financial institutions that issue the credit cards.
Those companies transfer money to a merchant's account and manage any transaction fees, according to a Visa spokesman.
Because a single vendor handles transactions from a number of different companies, however, it's likely that the thefts weren't limited to Visa and MasterCard accounts, according to Gamsin.
The FBI's cybercrime division is also investigating the theft, according to cybercrime division spokesman Bill Murray.
The decision about whether to cancel a credit card account or merely flag it for possible fraud is up to the financial institution that issued the card, according to Gamsin.
Both Visa and MasterCard offer zero liability policies, which absolve cardholders of responsibility for unauthorized purchases.
Cardholders who discover that their accounts have been used fraudulently should contact the financial institution that issued the card, Gamsin said.
Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
