Over 50K Visa and Mastercard credit cards compromised, banks alerted

Credit card data — enough to create counterfeit cards — has been stolen from Visa and Mastercard users, Visa confirmed today. The companies are doing damage control, alerting banks and affected card members.

According to security researcher, Brian Krebs, a group of individuals, have compromised the a payments processor, rumored to be Global Payments Inc. The group is believed to be New York-based, targeting the payment system in New York parking garages. Cyber criminals have gained access through the processor to “Track 1 and Track 2 data,” which gives them enough information to make fraudulent purchases on the compromised cards.

Visa and Mastercard have alerted a number of banks and credit unions associated with the cards, warning that they should be on the lookout for fraud.

“Visa has provided payment card issuers with the affected account numbers so they can take steps to protect consumers through independent fraud monitoring and, if needed, reissuing cards,” the company said in a statement, “As always, Visa encourages cardholders to regularly monitor their accounts and to notify their issuing financial institution promptly of any unusual activity.”

The company takes a small jab at the individual business (potentially the NY garages themselves). It explains that each business accepting credit payments is responsible for updating its systems and putting in place the most recent security measures.

According to Krebs, the Public Service Credit Union (PSCU) is saying 56,455 cards have been compromised, with only around 1.5 percent of those cards actually showing fraudulent charges. Joe Levy, chief technology officer of Solera Networks, believes there may be more to the hacks, which have occurred in the past in cases like Heartland Payment Systems.

“It would not be surprising if the investigation slowly reveals that the breach involved techniques such as web application exploitation, maneuvering from a compromised public system into the internal systems, and that the presence on the network was a longer-term than estimated,” said Levy in an e-mail. “These tend to be common characteristics of these kinds of events. And it underscores the fact that perimeter defenses are imperfect and will almost always be breached by a sufficiently motivated adversary.”

The hack has seemingly been isolated at the third-party payments processor, according to Visa. Visa’s own systems have not been compromised.

Credit card image via Shutterstock

Copyright 2012, VentureBeat



Visa and MasterCard credit cards are arranged for a photo.




Success! Check your inbox for details. You might also like:

Please enter a valid email address

See all newsletters

Show Comments
Most Read Business



Success! Check your inbox for details.

See all newsletters