Last Friday, it was reported that a payment-processing centre in
Atlanta, Card Solutions, became the largest target of a successful
hacking attack. According to media reports, the company, which
authenticates credit card transactions for several major credit
card companies, discovered that information was stolen, allowing
unauthorised third-parties to fraudulently use the cards.
MasterCard International have reportedly claimed that more than
40 million credit card numbers have been stolen while Visa has
estimated that 18 million of its customers may have been affected.
The theft of these numbers has already led to fraudulent
purchases.
Media reports have said that the hacker gained access using
malicious software to steal the numbers.
Customers are reportedly not at risk of identity theft since
information kept on credit cards is limited; the hacker allegedly
did not access PIN numbers. Additionally, individual customers will
not be responsible for any fraudulent transactions.
"We are seeing a worrying increase in the amount of crime being
committed on computers by hackers and malicious software," said
Carole Theriault.
"Computers are very powerful tools that hold vast amounts of
personal and confidential information. In some instances, stolen
information can be very valuable. Not only is it important to
practice safe computing, it is also wise to check that the
companies that hold your confidential data are taking your security
needs seriously."
Experts recommend that card users check their statements
regularly to ensure that no fraudulent charges have been placed. If
a fraudulent charge is present, victims should contact their bank
and file a police report to facilitate the refund of the
charges.
The FBI has been notified at the time of the breach and are
currently investigating.
Concerned credit card users should contact their credit card
issuers for further information.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.