CardSystems Compromises Data of 40 Million MasterCard and Visa Cardholders

The Internet Patrol - Patrolling the Internet for You

In case you were listening to the radio or televion news today, yes, you heard it right, and your ears were not deceiving you. The credit card information of 40 million MasterCard and Visa cardholders was compromised when someone hacked into the computers of Arizona-based CardSystems Solutions.

40 million.


That makes the measily 35,000 accounts which were compromised in the ChoicePoint hacking seem paltry by comparison.

Let me just say it again:

40 million

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

 

Just how did this happen?

Apparently a hacker had managed to install a Trojan which gave the hacker access to CardSystem’s network. And although the breach was only confirmed a few weeks ago, the breach apparently happened sometime at the end of last year. It is not known exactly how long the security hole remained open until CardSystems finally closed it.

But that is not the reason that you should be unhappy with CardSystems.

 

The reason that you should be unhappy with CardSystems is because they weren’t supposed to have the data in the first place!

That’s right. CardSystems was not only not authorized to retain the data, but in fact they were affirmatively supposed to not store the data, which contained the credit card information of cards associated with failed transactions. CardSystems was bound by the terms of their agreements with both MasterCard and Visa to not retain cardholder information following transactions, and instead they kept the information in a file for “research purposes”.

Admitted CardSystem’s Senior Vice President, Bill Reeves, “We were out of compliance and we recognize that file was out of compliance with the association rules.”

Oh good. So what are you going to do about it?

What can be done about it?

There is little incentive for financial institutions to anything about it, points out Dan Clements, CEO of CardCops.com. In fact, with neither the consumer nor the bank on the hook for fraudulant purchases, and with the banks often charging merchants to reverse those transactions, Clement observes of the banks, “It’s a revenue stream for them.”

So who here is ready to go back to good old cash?

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

One thought on “CardSystems Compromises Data of 40 Million MasterCard and Visa Cardholders

  1. I say we all start suing these companies that have been so careless with our personal information and make THEM liable for any fraudulent transactions resulting from such carelessness. SOMEBODY needs to be held responsible. Doesn’t it seem strange that we are hearing about SO MANY breaches lately? This is, indeed, scary stuff.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.