<< NTP Has Another Patent Invalidated -- RIM's Strategy Looking Smarter   |    That Evil Internet Stealing Our Children Again >>

Scams

Scams

by Mike Masnick

Mon, Jun 20th 2005 1:39am

Share This


Print



Massive Credit Card Breach Was On Data That Wasn't Supposed To Exist

from the who-can-we-blame? dept

Late Friday afternoon, MasterCard released the news about how potentially 40 million credit card holders were at risk of having their data stolen, after discovering a hacker had placed a trojan on the computers of a credit card processing company. That was scary enough, but as the details continued to come out over the weekend, the situation just seemed to get worse and worse. Jeremy Wagstaff notes that the processor in question, CardSystems, apparently knew about the breach for nearly a month but claimed they didn't say anything because the FBI asked them not to -- a charge that the FBI denies. Then comes the best part. The NY Times reports that CardSystems wasn't even supposed to have this data. The company processes credit card transactions, but isn't supposed to keep records of the transactions, as per agreements it signed with Visa and MasterCard. However, these days, when it seems to be common practice to play fast and loose with other people's data, CardSystems hung onto all the data, for its own "research" purposes. It looks like those research purposes just caused plenty of problems for an awful lot of people.

3 Comments | Leave a Comment..

 

Reader Comments (rss)

(Flattened / Threaded)

  1. What about Breached Babies?

    by dorpus - Jun 20th, 2005 @ 1:45am

    Will there be a massive international trade in aborted babies for human consumption? Stem Cell research, Chinese cuisine, you name it.

    http://www.tcnweb.ne.jp/~perfect/china.htm

    (reply to this comment) (link to this comment)

  2. Re: What about Breached Babies?

    by anti-dorphus - Jun 20th, 2005 @ 2:15am

    do you need some body parts dorphus - like a BRAIN ?

    (reply to this comment) (link to this comment)

  3. Securiy by volutary compliance

    by Precision Blogger - Jun 20th, 2005 @ 8:05am

    What's REALLY interesting is that the banks make security policy and then trust the processing companies to follow it. These records might not have existed if the the banks had been actively auditing the procesing companies instead of telling them what they were supposed to do and leaving it at that.
    - Precision Blogger

    (reply to this comment) (link to this comment)

Add Your Comment

Get Techdirt’s Daily Email
Plain Text HTML Save me a cookie
  • Plain Text: A CRLF will be replaced by break <br> tag, all other allowable HTML is intact
  • HTML: No formatting of any kind is done without explicitly being written in
  • Allowed HTML Tags: <b> <i> <p> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Close
Get Techdirt’s Daily Email
Plain Text HTML Save me a cookie

<< NTP Has Another Patent Invalidated -- RIM's Strategy Looking Smarter   |    That Evil Internet Stealing Our Children Again >>

Search Techdirt
And now, a word from our Sponsors..
Subscribe to Techdirt's Daily Email Newsletter

Techdirt's Daily Email Newsletter

Related Stories

Latest Nigerian Email Scam: Renters Checks (12)

Using Google Suggest To See If A Company Is A Scam (15)

Online Poker Cheating Scam Unraveled (22)

Washington State Sues Company For Fake Error Messages (8)

Is The Mob Using Your Facebook Profile Against You? (10)

Close
E-mail It