Jai Vijayan of Computerworld has gotten more info on the as-yet-unnamed processor breach. In addition to getting confirmation from Visa and MasterCard that the breach occurred and that the window was February 2008 to January 2009, Jai also found a more recent advisory from the Alabama Credit Union: ACU initially posted the alert on Feb….
Category: Financial Sector
Banks starting to report breach at unnamed processor
In an earlier post, I questioned whether banks were just sitting on the breach at the as-yet-unnamed processor. According to a spokesperson from the New York State Consumer Protection Board: While some banks have reported this breach, the CPB awaits formal notification pursuant to New York State law. Until such time as we can review…
Another small detail or two on as-yet-unnamed processor breach
Still no real facts, but more hints of impact. This from the Community Bankers Association of Illinois (emphasis added by me): (February 11,2009) Today, VISA announced that an unnamed processor recently reported that it had discovered a data breach. The processor’s name has been withheld pending completion of the forensic investigation. According to VISA officials,…
UK: Customers’ personal data sent to stranger
Ian Robson reports: A finance company has admitted sending confidential information about customers, including their bank account numbers, to a stranger. Fiat Financial Services had sent a credit agreement to motorist Darren Wright after he bought a car. But they also posted the private details of five other customers who had applied for a loan….
More details on the second processor breach (corrected and updated)
My googling skills are paying off. Found this on TVACU.com: (not CardNet as originally cited; the CardNet notice is provided below the TVACU.com notice) On the heels of the Heartland Payment Systems breach, another U.S. acquirer-processor has confirmed a network intrusion exposing primary card numbers and card expiration dates for card-not-present (CNP) transactions. Unlike the…
More recent breaches we didn’t know about
Thanks to the New Hampshire Attorney General’s Office for posting breach notices online: Student Loan Xpress, Inc. reported (pdf) that the service provider for their student loans, American Education Services, inadvertently transmitted personal information on student loans to another lender that AES also has contracts with. The information may have included names, addresses, Social Security…