Details emerge on credit card breach

TalkBack 21 of 29:

Next »

« Previous

• Thread View
• Flat View

Anyone surprised?

``Into the breach
CardSystems said in a statement Friday that it had identified a "potential security incident" on Sunday, May 22, and called in the FBI the next day. Visa and MasterCard were also contacted, the company said. MasterCard went public with the CardSystems' breach on Friday after it had identified all the affected accounts, Antle said.''

Why did they just sit on their hands until this Fti? So that as many illegal transactions as possible can take place? Who is going to foot the bill?



``More than 40 million credit card accounts were exposed by the breach. About 22 million of those are Visa cards and 13.9 million are MasterCard, the companies have said. The remaining accounts were linked to other brands, including American Express and Discover.

While millions of accounts were potentially accessed by the attackers, the investigation into the theft has found that records covering about 200,000 cards were transferred outside the CardSystems network, Antle said. Of those records, 68,000 are for MasterCards, she.... ''

I am SO relieved .... 200,000 cards ONLY affected!

MasterCard International said it "worked with CardSystems to remediate the security vulnerabilities in the processor's systems. These vulnerabilities allowed an unauthorized individual to infiltrate their network and access the cardholder data." Officials at affected institutions were not specifying the vulnerability and exploit used to breach CardSystems' security. The CardSystems web site runs on the Windows 2000 operating system and Microsoft IIS Server 5.0.

From www.netcraft.com:

``MasterCard International said it "worked with CardSystems to remediate the security vulnerabilities in the processor's systems. These vulnerabilities allowed an unauthorized individual to infiltrate their network and access the cardholder data." Officials at affected institutions were not specifying the vulnerability and exploit used to breach CardSystems' security. The CardSystems web site runs on the Windows 2000 operating system and Microsoft IIS Server 5.0.'' ...

After ALL the past record of breaches and compromises of these 'servers' by remote creeps, HOW ON EARTH the persons RESPONSIBLE for the these systems did NOT take ANY POSSIBLE precaution to avert such types of attacks? This not the 7/11 at the corner....

Is it that they tried to take ALL possible measures or they are simply Mickey Mouse type of IT 'professionals'? It is most likely BOTH.

As long as there is NO ACCOUNTABILITY in the handling of other people's money or credit all these irresponsible individuals will be doing their 'magic' screwing over 100,000s of people.

Is anyone surprised that the Barbie-quality MS IIS could get massively compromised and 'tons' of data just were syphoned out?

NO surprise here: it was only a matter of WHEN a destructive compromise would take place and not IF. The 100s of signs preceded in the last FOUR years....

-m

Posted by: michael_t   Posted on: 06/20/05 You are currently: a Guest | Members login | Terms of Use

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

SponsoredWhite Papers, Webcasts, and Downloads

• Reducing Server Total Cost of Ownership with VMware Virtualization Software VMware VMware virtualization enables customers to reduce their server TCO and ... Download Now
• Building the Virtualized Enterprise with VMware Iinfrastructure VMware VMware virtualization software has been adopted by over 120,000 enterprise ... Download Now
• Three Steps You Need to Know to Stop Data Loss Varonis Sensitive data exposed to misuse or loss... it is the stuff of nightmares ... Download Now