Language Selection

English French German Italian Portuguese Spanish

Security breach could affect 40 million

Filed under
Security

A security breach of customer information at a credit card-processing company could expose to fraud up to 40 million cardholders of multiple brands, MasterCard International Inc. said Friday.

The credit card giant said its security division detected multiple instances of fraud that tracked back to CardSystems Solutions Inc. of Tucson, Ariz., which processes transactions for banks and merchants.

MasterCard said in a news release late Friday afternoon that it was notifying its card-issuing banks of the problem.

CardSystems was hit by a computer virus that captured customer data for the purpose of fraud, said company spokeswoman Sharon Gamsin. The FBI was investigating.

MasterCard, which said about 14 million of its own cards were exposed, said it was giving CardSystems a ``limited amount of time to demonstrate compliance with security requirements.''

John Perry, chief executive officer of Cardsystems, did not immediately return calls. Nor did officials from American Express and Visa; Discover had no immediate comment. MBNA, a large issuer of cards, also did not immediately return a call.

The breach is the latest in a series that has hurt a number of high-profile companies -- including Citigroup Inc., Bank of America Corp. and DSW Shoe Warehouse.

It also appears the largest involving financial data, said David Sobel, general counsel at the Electronic Privacy Information Center.

``The steady stream of these disclosures shows the pressing need for regulation of the industry both in terms of limitation in the amount of personal information that companies collect and also liability when these kinds of disclosures occur,'' Sobel said.

That the breach involved a third party also ``indicates that this is a shadowy industry where the consumer never really knows who is going to be handling and using their personal information,'' he added.'' Presumably, the affected consumer thought they were dealing with MasterCard.''

Earlier this month, Citigroup said United Parcel Service lost computer tapes with sensitive information from 3.9 million customers of CitiFinancial, a unit that provides personal and home loans.

There have also been breaches involving other kinds of sensitive data.

ChoicePoint Inc. said in February that thieves using stolen identities had created 50 dummy businesses that pulled data including names, addresses and Social Security numbers on as many as 145,000 people.

In March, LexisNexis Inc. disclosed that hackers had commandeered a database and gained access to the personal files of as many as 32,000 people.

The company has since increased its estimate of the people affected to 310,000. Information accessed included names, addresses and Social Security and driver's license numbers, but not credit history, medical records or financial information, corporate parent Reed Elsevier Group PLC said in a statement.

``Hardly a week goes by without startling new examples of breaches of sensitive personal data, reminding us how important it is to pass a comprehensive identity theft prevention bill in Congress quickly,'' said Sen. Charles Schumer, D-N.Y.

Associated Press

More in Tux Machines

Red Hat News

  • Improving Storage Performance with Ceph and Flash
    Ceph is a storage system designed to be used at scale, with clusters of Ceph in deployment in excess of 40 petabytes today. At LinuxCon Europe, Allen Samuels, Engineering Fellow at Western Digital, says that Ceph has been proven to scale out reasonably well. Samuels says, “the most important thing that a storage management system does in the clustered world is to give you availability and durability,” and much of the technology in Ceph focuses on controlling the availability and the durability of your data. In his presentation, Samuels talks not just about some of the performance advantages to deploying Ceph on Flash, but he also goes into detail about what they are doing to optimize Ceph in future releases.
  • Ceph and Flash by Allen Samuels, Western Digital
  • Red Hat Opens Up OpenShift Dedicated to Google Cloud Platform
    When businesses and enterprises begin adopting data center platforms that utilize containerization, then and only then can we finally say that the container trend is sweeping the planet. Red Hat’s starter option for containerization platforms is OpenShift Dedicated — a public cloud-based, mostly preconfigured solution, which launched at this time last year on Amazon AWS.
  • Volatility Numbers in View for Red Hat, Inc. (NYSE:RHT)

Leftovers: OSS and Sharing

  • Rhizome is working on an open-source tool to help archive digital content
    "The stability of this kind of easy archiving for document storage, review and revision is a great possibility, but the workflow for journalists is very specific, so the grant will allow us to figure out how it could function." Another feature of Webrecorder that journalists might find appealing, and one of the software's core purposes, is to preserve material that might be deleted or become unavailable in time. However, the tool is currently operated under a Digital Millennium Copyright Act (DMCA) Takedown policy. This means any individual can ask for a record of their web presence or materials to be removed, so Rhizome will be working to "answer the more complicated questions and figure out policies" around privacy and copyright with the latest round of funding.
  • An ode to releasing software
    There is one particular moment in every Free and Open Source Software project: it’s the time when the software is about to get released. The software has been totally frozen of course, QA tests have been made, all the lights are green; the website still needs to be updated with the release notes, perhaps some new content and of course the stable builds have to be uploaded. The release time is always a special one. The very day of the release, there is some excitement and often a bit of stress. The release manager(s), as well as everyone working on the project’s infrastructure are busy making sure everything is ready when the upload of the stable version of the software, binaries and source, has been completed. In many cases, some attention is paid to the main project’s mirror servers so that the downloads are fluid and work (mostly) flawlessly as soon as the release has been pushed and published.
  • Diversity Scholarship Series: My Time at CloudNativeCon 2016
    CloudNativeCon 2016 was a wonderful first conference for me and although the whirlwind of a conference is tiring, I left feeling motivated and inspired. The conference made me feel like I was a part of the community and technology I have been working with daily.
  • WordPress 4.7 Content Management System Provides New Design Options
    WordPress is among the most widely used open-source technologies in the world, powering more than 70 million websites. WordPress 4.7 was released Dec. 6, providing a new milestone update including new features for both users and developers. As is typically the case with new WordPress releases, there is also a new default theme in the 4.7 update. The 2017 theme provides users with a number of interesting attributes including the large feature image as well as the ability to have a video as part of the header image. The Theme Customizer feature enables users to more intuitively adjust various elements of a theme, to fit the needs of websites that use will upgrade to WordPress 4.7. In addition, the new custom CSS (Cascading Style Sheets) feature within a theme preview lets users quickly see how style changes will change the look of a site. As an open-source project, WordPress benefits from participation of independent contributors and for the 4.7 release there were 482 contributors. In this slideshow eWEEK takes a look at some of the highlights of the WordPress 4.7 release.
  • Psychology Professor Releases Free, Open-Source, Preprint Software
    The Center for Open Science, directed by University of Virginia psychology professor Brian Nosek, has launched three new services to more quickly share research data as the center continues its mission to press for openness, integrity and reproducibility of scientific research. Typically, researchers send preprint manuscripts detailing their research findings to peer-reviewed academic journals, such as Nature and Science. The review process can take months or even years before publication – if the research is published at all. By contrast, “preprinting,” or sharing non-peer-reviewed research results online, enables crucial data to get out to the community the moment it is completed. That, said Nosek, is critical.
  • Integral Ad Science Launches Open Source SDK to Drive Mobile Innovation for the Advertising Industry
  • Tullett Prebon Information, Quaternion and Columbia University form open source risk collaboration
  • Tullett Prebon Information And Quaternion Risk Management Partner To Enhance Transparency And Standardisation In Risk Modelling – Partnership Fuels Columbia University Research To Improve Understanding Of Systemic Risk
  • Integral Ad Science Partners with Google, Others for Open Source Viewability
  • DoomRL creator makes free roguelike open-source to try and counter Zenimax legal threat
  • DoomRL Goes Open-Source in Face of Copyright Claims
    Earlier this week, ZeniMax Medi hit DoomRL, a popular roguelike version of the original first-person shooter, with a cease-and-desist order. This order instructed producer ChaosForge to remove the free downloadable game to prevent further legal action. Instead of taking it down, co-creator Kornel Kisielewicz turned the game open-source.
  • This Indian software company just partnered with the world’s biggest open source community
    In what can be called a major motivation for Indian tech firms, Amrut Software, an end-to-end Software, BPO services and solutions provider has become a GitHub distributor for India region. GitHub hosts world’s biggest open source community along with the most popular version control systems, configuration management and collaboration tools for software developers. It has some of the largest installations of repositories in the world.
  • Python 3.6 released with many new improvements and features
    Python,the high-level interpreted programming language is now one of the most preferred programming language by beginners and professional-level developers.So,here Python 3.6 is now available with many changes,improvements and of course the ease of Python was not left in the work list.

Security Leftovers