Krebs on Security is reporting that MasterCard and Visa are alerting member banks of a “massive” security breach at a credit card processor.
Brian Krebs, who runs the site, reported that his sources in the financial sector said the breach might involve more than 10 million compromised card numbers.
MasterCard and Visa sent alerts to banks, Krebs reported, saying the card processor was compromised between Jan. 21-Feb. 15. Banks are reviewing transaction data to try to determine a common point of purchase, he said.
“Sources at two different major financial institutions said the transactions that most of the cards they analyzed seem to have in common are that they were used in parking garages in and around the New York City area,” Krebs said.
The private alerts also said that full Track 1 and Track 2 data was taken – meaning that the information could be used to counterfeit new cards, Krebs said.
In an interview, Krebs said he had been “sitting on the story for a week,” to obtain more information. So far, he has not been able to identify the card processor. He did not hear back from MasterCard or Visa, and said, “I don’t anticipate hearing from them.”
It is not clear how many cards were breached, Krebs said, but on Wednesday, PSCU — a provider of online financial services to credit unions — “said it alerted 482 credit unions that appear to have had cards impacted by the breach, and that a total of 56,455 member VISA and MasterCard accounts were compromised.”
PSCU said fraudulent activity had been detected on a relatively small number of those cards — 876 accounts — and that the activity was geographically dispersed, Krebs said.
Cardholders, he pointed out in the interview, are not on the hook for fraudulent purchases. Still, he added, “people should always keep an eye on their statements,” and report suspicious transactions immediately.
culled from FORBES
No comments:
Post a Comment