http://www.darkreading.com/security/attacks/showArticle.jhtml?articleID=214502489 By Kelly Jackson Higgins DarkReading Feb 23, 2009 Brace yourself for another payment-processor breach: A second U.S.-based payment acquirer/processor has been hit with a network hack that exposed consumers' credit card accounts. As of this posting, the victim firm's identity had not been revealed. According to several credit unions, Visa recently alerted them that another payment processor had discovered a data breach. Among the credit unions issuing alerts about the breach on their Websites are The Tuscaloosa VA Federal Credit Union and the Pennsylvania Credit Union Association. The Open Security Foundation has a notice posted on its DataLossDB site. The latest breach follows that of Heartland Payment Systems, which went public on Jan. 20 about discovering malware on its processing system; some security experts have called it the largest security breach ever. Heartland processes 100 million payment card transactions per month for 175,000 merchants. While details on the latest hack are still emerging, there is one known difference between it and Heartland's: This latest breach exposed so-called card-not-present transactions -- online and call-based transactions -- and not magnetic-stripe track data. Primary account numbers and expiration dates were stolen from the firm's settlement system, according to the Tuscaloosa VA Federal Credit Union. [...] _______________________________________________ Best Selling Security Books and More! http://www.shopinfosecnews.org/Received on Tue Feb 24 2009 - 02:48:26 PST
This archive was generated by hypermail 2.2.0 : Tue Feb 24 2009 - 02:50:26 PST