Hackers breach credit processor, thousands of cardholders at risk

[anuseems]

Hackers swiped the financial data of thousands of people in a security breach earlier this year, according to reports by Brian Krebs and The Wall Street Journal. Global Payments Inc., an Atlanta-based processing firm that serves as a middleman between merchants and banks, discovered shady activity in early March, though the break-in is suspected to have occurred between January 21 and February 25.

Global Payments quietly alerted others in the financial industry last week, but it seems to have delayed public acknowledgment until word trickled out this morning. The outfit may have wanted to break the news after its quarterly earnings statement on April 4. Its late afternoon press release is scarce on details, but the company is expected to share more information in a conference call on Monday at 8:00AM EDT.

It's unclear what was swiped and how many people are affected. PSCU, a provider of online financial services to credit unions, warned 482 of its clients that 56,455 Visa and MasterCard accounts were compromised, with 876 accounts showing fraudulent activity. That's only a snapshot of the potential damage, according to Krebs. The WSJ reports that hundreds of thousands of cardholders may be at risk.

Avivah Litan, a veteran Gartner analyst specializing in financial fraud, spoke with folks in the credit card industry who are seeing signs of the breach's impact. Litan's sources also claim that the crime was committed by a Central American gang who infiltrated Global Payments' system by correctly answering authentication questions on a poorly secured administrative account. Again, this information is unconfirmed.

Visa and MasterCard promptly announced that their networks weren't compromised. Along with various ongoing internal investigations, the US Secret Service and an unnamed forensic company are looking into the case. Credit firms are monitoring accounts for unusual activity and depending on the severity of the situation, they may issue new cards. Keep an eye on your financial statements in the meantime.

source: http://www.techspot.com/news/48017-hackers-breach-credit-processor-thousands-of-cardholders-at-risk.html

[anuseems]

Brian Krebs is reporting that MasterCard and Visa are warning member-banks of a payment processor breach that may impact more than 10,000,000 credit cards.

It is important to note that MasterCard and Visa's own networks were not involved in the attack, it appears to be related to payment processor Global Payments.

Reuters is reporting that Global Payments stock was suspended for trading after falling more than 9% on the Nasdaq stock exchange.

Krebs reported that one of the financial institutions he spoke with had to cancel 56,455 credit cards, of which fraud was detected on 876, or 1.5%.

There is much speculation about the source of the breach as many are reporting that the majority of the fraud is occurring in the greater New York City area, yet cards are being cancelled around the country.

What is a payment processor? Payment processors provide merchants (stores) with access to payment brokering networks like MasterCard, Visa, American Express and Discover. The terminal that processes your card sends the details of the transaction to the payment processor to facilitate the purchase.

It is being reported that the attackers got "full Track 1 and Track 2 data". This is very bad as it would allow for the attackers to fully produce cards including the CVV/CCV code you often need to enter for online transactions.

Strangely, law enforcement contacts told Krebs they believe the breach is related to a Dominican gang in New York and primarily targeted corporate credit and debit cards.

Fortunately consumers don't need to worry too much. Card issuing banks (Bank of America, Chase, etc.) are cancelling cards that are involved in the theft and card holders will not be held responsible for any fraudulent activity.

I wouldn't cancel my card or ask for a new one, but it would certainly be prudent to keep a close eye on your statements to be sure nothing suspicious shows up.

As we find out more details on how this heist came about, we will post information here. From the sound of it the card information sounds like it may not have been encrypted or they wouldn't need to cancel so many cards.