And you think *you* have problems with spyware!

2005-06-18 08:41 pm
mdlbear: blue fractal bear with text "since 2002" (Default)
[personal profile] mdlbear
MasterCard International announced yesterday that more than 40 million credit card numbers have been compromised -- apparently due to spyware installed at CardSystems Solutions, Inc., a third-party processor of payment card data. I'm not surprised.

What's surprising is that it's taken so long for a major break-in like this to happen, and that the effects so far are so minor. I'm still waiting for "The Big One" -- a financial trainwreck in the large-fraction-of-a-trillion-dollar range.

Check your credit-card statements carefully.
  • Mood: unsurprised
Threaded | Top-Level Comments Only

Credit-checking

Date: 2005-06-19 04:19 am (UTC)
From: [identity profile] sdorn.livejournal.com
Until September 1, those living in NC through Maine don't have this yet, but those who live elsewhere in the U.S. can get a free annual credit report from each of the three big credit agencies. Yesterday, the reports of the MC data-stripping prompted us to use our first one.

As advised by others (I can't remember whom to credit), we're rotating the check among the three agencies, so we in essence are checking our credit three times annually for free.

Date: 2005-06-19 09:47 am (UTC)
From: [identity profile] randwolf.livejournal.com
Perhaps an attack on securities brokers or currency trading systems? But, no, those system are carefully secured. Truth of the matter is, us small fry don't rate the technical effort, so I suppose nothing will be done until, finally, laws requiring better security are written.

Date: 2005-06-19 03:56 pm (UTC)
mdlbear: blue fractal bear with text "since 2002" (Default)
From: [personal profile] mdlbear
As we've been seeing recently, it's the third parties at the edges that aren't secured.

Date: 2005-06-19 04:20 pm (UTC)
From: [identity profile] randwolf.livejournal.com
CardSystems isn't at the edges; they're part of the center. Basically, it seems to me that the banks, by relying on such insecure services, are neglecting their obligations to their cardholders. I would have thought that the liabilities involved to the very large businesses involved would provide adequate motivation to secure their networks--I expect CardSystems to be sued six ways from Sunday--but this doesn't seem to be the case and I can only wonder why.

Date: 2005-06-19 06:16 pm (UTC)
From: [identity profile] decadentdave.livejournal.com
Interesting. Here in Canada what I think was the same incident was reported applying to Visa credit card numbers. Everything else in the story seems the same.
To add insult to injury, one of the two credit rating companies here in Canada, Equifax, was hacked last week and details on about 600 people was accessed. No details of this event were available but if the folks from whom you can get a credit check statement get hacked...

Date: 2005-06-19 06:48 pm (UTC)
mdlbear: blue fractal bear with text "since 2002" (Default)
From: [personal profile] mdlbear
MC, Visa, Amex, and probably some others were all hit -- it's just a question of which started notifying their customers first.
Threaded | Top-Level Comments Only

Most Popular Tags

Links

Style Credit

Page generated 2025-12-25 04:22 pm
Powered by Dreamwidth Studios