Visa, MasterCard scramble after massive data breach

Mar 30, 2012
Credit card giants Visa and MasterCard were scrambling on Friday to thwart cyber crooks who looted a massive trove of precious account data, evidently from a payment processor in New York.

Credit card giants Visa and MasterCard were scrambling on Friday to thwart cyber crooks who looted a massive trove of precious account data, evidently from a payment processor in New York.

Gartner analyst Avivah Litan said that industry sources revealed that numbers from more than 10 million credit card accounts were stolen in the breach, with the entry point being a New York City taxi and parking garage company.

The thieves stockpiled stolen credit card numbers for months before beginning to use them, according to the analyst.

Indications were that the culprits were part of a Central American crime gang, Litan told AFP.

"It sounds like they went into an administrative privilege account at the taxi company and stole electronic data from a central server," Litan said.

"So, if you've paid a NYC cab in the last few months with your credit or debit card, be sure to check your card statements for possible fraud."

Visa and MasterCard both said they were investigating the breach, which they stressed involved a "third party" and not their internal networks.

"Visa has provided payment card issuers with the affected account numbers so they can take steps to protect consumers through independent fraud monitoring and, if needed, reissuing cards," the company said in a statement.

Visa and MasterCard are alerting banks and credit unions across the United States to what some in the financial sector are calling a "massive" breach, computer security specialist Brian Krebs said in his Krebson Security blog.

Alerts sent to banks warned that sufficient account details were stolen to make counterfeit credit cards, according to Krebs.

People should alert card issuers to suspicious account activity, according to Visa and MasterCard.

"Law enforcement has been notified of this matter and the incident is currently the subject of an ongoing forensic review by an independent data security organization," a MasterCard spokesman told AFP.

Explore further: Local media have positive slant toward local businesses, Rice University expert finds

add to favorites email to friend print save as pdf

Related Stories

Credit card hacker sentenced to 10 years in prison

Jul 23, 2011

Rogelio Hackett, who stole more than half a million credit card numbers used to rack up nearly $40 million in illicit debt, was sentenced Friday to 10 years in prison and fined $100,000.

WikiLeaks getting credit card funds

Jul 07, 2011

WikiLeaks has again begun accepting credit card donations, a company affiliated with the secret-spilling site said Thursday.

Citigroup says 360,000 affected by hackers

Jun 16, 2011

Hackers stole account information of more than 360,000 of Citigroup Inc.'s U.S. credit card customers in a recent data breach, the bank said Wednesday, almost double the number initially thought.

Recommended for you

Barclays to allow payments by using Twitter handles

Feb 27, 2015

The next chapter in banks moving into the digital age is a stretch beyond reminding customers over phone lines that they can also bank online. Barclays has launched Twitter payments through Pingit.

QR codes engineered into cybersecurity protection

Feb 27, 2015

QR, or Quick Response, codes – those commonly black and white boxes that people scan with a smartphone to learn more about something – have been used to convey information about everything from cereals ...

Australian laws on storing phone, Internet records to change

Feb 27, 2015

(AP)—A parliamentary committee on Friday recommended a major rewrite of draft laws that would force Australian telcos and Internet providers to store customers' personal data for the convenience of law enforcement agencies. ...

User comments : 3

Adjust slider to filter visible comments by rank

Display comments: newest first

jdbertron
2 / 5 (3) Mar 30, 2012
That's the problem you get when you authorize the transactions without authenticating the people making them. It sounds cheaper than issuing secureIds or using codes and fingerprints because fraud is so rare, until it's not so rare anymore.
Osiris1
1 / 5 (2) Mar 31, 2012
It may be a big problem for the one percent of the one percent GreedyOldPigs (GOP). Who cares about them?!
TabulaMentis
2 / 5 (4) Mar 31, 2012
It may be a big problem for the one percent of the one percent GreedyOldPigs (GOP). Who cares about them?!
It was probably a jackass behind the hack.

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.