MasterCard, Visa confirm credit card data theft described as 'massive'
Source: MSNBC
Law enforcement officials are investigating what appears to be a massive theft of U.S. consumers' credit card data, MasterCard and Visa confirmed Friday. The computer security expert who first reported the theft said it might involve as many as 10 million MasterCard and Visa accounts, making it one of the largest known credit card heists.
"MasterCard is currently investigating a potential account data compromise event of a U.S.-based entity and, as a result, we have alerted payment card issuers regarding certain MasterCard accounts that are potentially at risk," that association said in a statement. "Law enforcement has been notified of this matter and the incident is currently the subject of an ongoing forensic review by an independent data security organization."
The theft was first reported by well-known computer security journalist Brian Krebs on his blog, KrebsonSecurity.com. Krebs said the crime involves compromise of a credit card payment processor a "middle man" that handles transactions between retailers and banks. The name of that institution is unknown, but processors have long been a target of identity thieves because of the enormous amounts of data they control. In 2008, Princeton, N.J.,-based Heartland Systems was hacked, exposing tens of millions of credit card account numbers to theft.
Krebs reported that hackers had access to the unknown processors data from Jan 21 through Feb 25, and were able to siphon off enough data to easily create counterfeit cards. His sources called the leak "massive."
Read more: http://redtape.msnbc.msn.com/_news/2012/03/30/10940640-mastercard-visa-confirm-credit-card-data-theft-described-as-massive
Ian David
(69,059 posts)bemildred
(90,061 posts)dipsydoodle
(42,239 posts)drm604
(16,230 posts)it sounds like you only need to be worried if you've paid an NYC cab or parking garage in the last few months.
unblock
(52,230 posts)unblock
(52,230 posts)haven't used a cab and don't think we used a parking garage during those dates, but this middle man no doubt processes many transactions in this area....
Ruby the Liberal
(26,219 posts)Me no likey the word 'massive'.
southernyankeebelle
(11,304 posts)got the protection plan. It is worth it.
CreekDog
(46,192 posts)whereas getting rid of a false charge is free.
southernyankeebelle
(11,304 posts)were able to take it off and I got a new card. I have to tell you I buy online and no matter what protection you have something can always go wrong. I feel better that I have it.
CreekDog
(46,192 posts)if there was fraud on my card and i got a new one, that would be free for me.
do you think that costs money?
southernyankeebelle
(11,304 posts)is made.
CreekDog
(46,192 posts)with most online accounts, you can set the account to notify you whenever a charge is made.
whatever works for you. just pointing out a free alternative.
southernyankeebelle
(11,304 posts)I just find this works for me.
tru
(237 posts)Sounds like a nuisance to me. I've had two cards compromised in the past year and was notified right away. They removed the bogus charges from my accounts. It took about a week for the new card to arrive, but that's why I have two cards.
southernyankeebelle
(11,304 posts)jannyk
(4,810 posts)Visa and MasterCard have acknowledged the breach, and the Wall Street Journal is now reporting that the processor is Atlanta-based Global Payments. Krebs told Technology Live that Global Payments is expected to issue a statement today.
"Law enforcement asked everyone to keep it quiet so as not to disturb investigations," Krebs says. " I'm hearing now from two sources that investigators suspect Dominican street gangs may be involved and that the fraud is focusing mostly on commercial credit and debit card accounts."
But the stakes are much higher this time around, especially for retailers. Some 46 states have now enacted data breach disclosure laws that require merchants and payment card issuing banks and credit unions to notify customers whose card numbers are stolen.
Many of these data loss disclosure laws impose stiff fines if notifications are not done in a timely manner. Massachusetts recently showed that such fines can generate much needed revenue, while also championing consumer privacy and security, says Ted Julian, of Co3, a Cambridge, Mass.-based start-up that helps retailers manage the repercussions of credit card theft.
LittleGirl
(8,287 posts)I have both a Visa and Mastercard. Rats. Will be monitoring accounts because we now have a 0 balance on both. Whoo HOo.
Thanks for posting.
freeplessinseattle
(3,508 posts)It's Visa, but debit thru the bank, and no credit. Interesting coincidence, anyway. Sure glad I was notified of "irregular activity"!
woodsprite
(11,915 posts)One of our cards was compromised, but the other seems OK (for now). They put $500 of it back into our account right away. The other $100 we had to file a dispute claim. It's back in there now, but we took care of it as soon as we got the call.
A few years back, one of the companies was having problems with someone in their employ. The cards were being compromised even before they were activated by the customers.
freeplessinseattle
(3,508 posts)such a feeling of violation, too.
Now I'm thinking of getting a pre paid Visa to be safe, though is kind of a hassle. Now I'm not even sure if paying for parking with my debit is safe, but can't use cash around here anymore.
woodsprite
(11,915 posts)He said when he went in there the other day, everyone's paperwork, along with their card numbers, was tacked to the bulletin board. Once we saw that everything was fixed, he activated his new card, but he got another brand of card just to be used at the storage place. If it happens again, they'll have a pretty good idea.
I thought all vendors needed to secure personal information like that.
We had no choice to move our trailer. Our driveway isn't long or flat enough for it, and the place we have stored it for 20 years was sold.
PuppyBismark
(594 posts)When your card is swiped at a retail company, your information is passed to a card processor, who then sends it to Master Card, Visa, or the issuing bank. These guys sell the credit service to the retailer who then can accept all kinds of cards from all the card vendors and banks that issue them. There is no real way for you to know places your card number goes on the way to the issuer. Thus the way to understand if your account has been compromised is to know who your gas station, supermarket, etc. uses for their processing or really to wait for you card issuer to contact you.
These processors are supposed to encrypt all this information everywhere, but some of them have yet to complete this work as it costs money and money for security takes profit from the stock holders.
Nowhere in these systems should the cards appear unencrypted or unsecured, but ............ One more example of the banks and their ilk gambling with our money in their quest for profit.
just1voice
(1,362 posts)The theft of privacy of every American for "their own good", LOL. Ever wonder where millions of stolen accounts go?
http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/all/1
Mnemosyne
(21,363 posts)Global Information Grid, to handle yottabytes of data. (A yottabyte is a septillion bytesso large that no one has yet coined a term for the next higher magnitude.
Behind the Aegis
(53,957 posts)I caught it early, just 10 days out. They bought themselves an e-gift certificate. I have recently become rather lazy of sorts in checking my accounts; this helped change that behavior.
virgogal
(10,178 posts)sarcasmo
(23,968 posts)LaydeeBug
(10,291 posts)snort.