MasterCard, Visa Warn Banks Of Possible Data Breach

MasterCard has notified law enforcement and banks that issue its cards of a possible data breach at a third-party payment processing company.

The company says “certain MasterCard accounts that are potentially at risk” and that an “independent data security organization” is investigating the matter.

It’s not yet known how many card accounts were put at risk by the breach.

Meanwhile, blogger Brian Krebs reports that Visa has also begun notifying banks about a breach.

From KrebsOnSecurity.com:

The card associations stated that the breached credit card processor was compromised between Jan. 21, 2012 and Feb. 25, 2012. The alerts also said that full Track 1 and Track 2 data was taken – meaning that the information could be used to counterfeit new cards.

MasterCard, VISA Warn of Processor Breach [KrebsOnSecurity.com]

MasterCard Warns of Possible Data Breach [WSJ]

Comments

Edit Your Comment

  1. Lucky225 says:

    Awesome, Just what I want to see literally as I’m strolling out to use my MasterCard this morning.

  2. Thaddeus says:

    Five years ago I would have found this shocking. It seems to be happening so often and to such large companies, this stuff doesn’t even phase me anymore.

    • Loias supports harsher punishments against corporations says:

      Notice that it’s a 3rd party company? Security is only as strong as it’s weakest link.

    • kc2idf says:

      It never did faze me. I used to work for a company that provided server software to do these transactions. While some of the security measures were really intense, others were just plain disappointing.

      What Loias said about the weakest link certainly applies here.

  3. KillerBee says:

    Meh. This happened over a month ago. If your card hasn’t been compromised by now, it’s unlikely that it will be.

  4. Blueskylaw says:

    “MasterCard, Visa Warn Banks Of Possible Data Breach”

    Haven’t these companies learned by now that investing in proper security measures will pay off handsomely compared to what it will cost in money and lost goodwill when their inadequate systems are hacked by a 17 year old kid with pimples and going through puberty.

    • homehome says:

      Dude anything can be hacked. You could have the best security in the world, there’s going be at least 500 ppl in the world that’ll break through it. Nothing is full proof. I generally don’t have trouble with VISA, the two times somebody tried to get me, I got calls, emails and sms within 5 minutes of it happening. 1 of the times they actually caught the person in the act.

      • FacebookAppMaker says:

        No one can hack into my server. I don’t say this to sound cocky, but because it’s true. My server is in my apartment, attached to it’s own wired router, which is attached to my laptop through ethernet when it’s not connected to WiFi. Therefore, I only do my dev work with no access to the internet.

        Of course, my other server, one that actually connects to the internet, can easily be hacked.

        • Stilor says:

          Yes they can. It is called “social engineering” – all they need is to somehow persuade you (or your cohabitant, if there’s one) to temporarily connect that isolated server to internet.

    • amputato says:

      i’d bet that mastercard and visa probably have the best security out there, of course they don’t have anything that is 100% protection as thats currently impossible

  5. cosmic.charlie says:

    Interesting I have been dealing with counterfeit charges on both my Visa and MasterCard. I would imagine the person that used my card to charge their spa bill in Bali is having a lot more fun than the person that is buying office supplies in Melrose Park.

  6. umbriago says:

    Hey no kidding! Why, just this week, Chase called me and asked me if these $2K worth of Lane Bryant and Babies-R-Us purchases I’d apparently made were legit. They weren’t.

    Not everything Chase does is great, I know….but I gotta hand it to them for their anti-fraud measures. I was impressed.

    • almightytora says:

      Me too! Last month, someone charged $350 to my account for Legoland. I looked at my account and it showed it was done online or over the phone.

      I quickly disputed that and Chase took it off.

    • brinks says:

      I made an online purchase from a European-based skincare company, and Chase sent me a fraud alert text within minutes. It was legit, but it was nice to see that they’re paying attention.

  7. Wes_Sabi says:

    The banks knew about this awhile ago. I received a new card over a month ago from my credit card company due to this.

  8. Back to waiting, but I did get a cute dragon ear cuff says:

    For those that are wondering, I saw the following on slashdot.org. No one is going on record, but probably fairly reliable.

    “Sources at two different major financial institutions said the transactions that most of the cards they analyzed seem to have in common are that they were used in parking garages in and around the New York City area.”

  9. TheMansfieldMauler says:

    Twice in the past 3 months my VISA number has been “tested” with small amounts at seemingly random ratty independent motels along the east coast. My bank caught it both times and cancelled the card without notifying me at all. Pain in the butt.

  10. Saskiatas says:

    I wonder if this applies to debit cards with the MasterCard logo? I was notified by my bank at 8am last Saturday that someone was trying to use my debit card in New York (not where I live), first for a large charge, then a small one. They shut down that debit card number and are issuing a new one; the one small fraudulent charge that got through was removed from my account. I’ve been keeping an eye on all my accounts and so far, no other problems.

  11. some.nerd says:

    Great! Just in time for my cards to be rendered useless during the weekend.

  12. Gehasst says:

    So my info could of been stolen between 1-2 months ago? Glad we are just now hearing about it. Guess I didn’t get lucky this time around, I’ve seen no activity on my Visa card…but then again its a limit of $500 (thx Visa) so I normally just use my Discover which is more than 10x that amount…

  13. sgmax2 says:

    Your card has likely been breached if you paid by credit/debit for a taxi or parking in NYC recently – http://www.bbc.co.uk/news/technology-17569336

  14. Sarek says:

    I got a letter from my credit union several days ago telling me they were going to replace my card one of these days due to an alleged problem. So far no unclean charges have appeared.

  15. yagisencho says:

    Great. And if my identity is stolen again, I can look forward to another lecture from the credit protection agencies about securing my passwords, shredding my financial documents, etc. When yet again, it’s the credit card processors that are at fault. The system is BROKEN.