Hacker gains access to 5.6 million Visa, MasterCard numbers

theciscokid · 19-02-2003 8:46am #1

Talk about a breach of security

NEW YORK (AP) — A computer hacker gained access to more than 5.6 million Visa and MasterCard account numbers by breaching the security of a company that processes transactions for merchants, the card associations said Tuesday.

usa today : http://www.usatoday.com/news/nation/2003-02-18-hacker_x.htm

washington times : http://www.washtimes.com/business/20030219-10559712.htm

:eek:

Xterminator · 19-02-2003 11:55am

Feckers.

I reckon mine was one of them.

i went to use my Visa on monday nite, and it was declined.
When i called Tesco, they said the no. had been stolen, and that I was to cut up my card, and wait for the new one.

I think the 3rd party merchant i used was 'world pay'!

X

JohnK · 19-02-2003 1:23pm

Hope my card wasn't one of them. I buy a lot online :eek:

eth0_ · 19-02-2003 1:28pm

Originally posted by Xterminator

I think the 3rd party merchant i used was 'world pay'!

X

SH1T! I used them about 3 weeks ago, and 2checkout.com, and paypal....argh! Haven't heard anything from my bank though.

theciscokid · 19-02-2003 1:58pm

Why over 5 million though?

not like they're going to use em all :rolleyes:

Washout · 19-02-2003 2:03pm

Originally posted by theciscokid
Why over 5 million though?

not like they're going to use em all :rolleyes:

Would you not feel worried though that there is the possibility of these guiys using your card number?

I know I am.

Spunog UIE · 19-02-2003 2:32pm

why would you be scared~? even if they did use the credit card you can only be made liable for up to €60 of purchases w/out credit card cover insurance.

theciscokid · 19-02-2003 4:10pm

the companies stated in this particular case, any fraudulent purchases made from the numbers will be fully covered,

i can see all the dodgy scams originating from normal customers,

"i swear i didn't buy that tv"

but the point i was trying to get across , to my knowledge from reading other articles too ,,

they obtained all the above thru copying a database,

why copy so many bloody numbers ?

they intended to inflict as much damage as possible

ballooba · 19-02-2003 4:16pm

To be famous?

[My code might be pretty bad but don't acuse me of being a hacker.]

MiCr0 · 19-02-2003 4:50pm

Originally posted by theciscokid
the companies stated in this particular case, any fraudulent purchases made from the numbers will be fully covered,

they only said that their US customers would be covered

Talliesin · 19-02-2003 6:46pm

Originally posted by MiCr0
they only said that their US customers would be covered

They can only speak of those cases. Irish customers would be covered against CC fraud as well.

It's important to note that while securing digital transmission of credit card numbers is very important the primary security mechanism is the fact that the companies indemnify customers against such fraud (and in turn are indemnified by insurance companies). Even if a cracker does get your number it shouldn't be the end of the world.

Trojan · 19-02-2003 7:07pm

What's all the fuss about?

It's fairly obvious that the fundamental underlying mechanism of the Credit Card industry is inherently flawed.

We, the cardholders are carrying around our CC number written on a bit of plastic in our wallet. We give this number to countless different people, and the knowledge of the number, along with one or 2 other bits of information about us (which can also be easily found) justifies charging us.

The only reason why this does not lead to massive fraud is that there are not enough criminals. The industry guarantees that we are not liable, and spreads the cost so nobody worries about it.

The truth is that a new mechanism is needed to stop this type of fraud, but it's far too expensive for the card companies to change the existing infrastructure... why bother when fraud levels are so low?

JohnK · 20-02-2003 1:43pm

The FBI are after getting involved now.
FBI investigates credit card hacking 'epidemic'
It also says at the above site that the Credit Card companys are going to be hit for between $32 - $40 million just to replace the cards that were stolen. Even if none of the stolen cards get used its still costing the CC companys a lot of money.

eth0_ · 20-02-2003 8:02pm

theciscokid - why steal 5 million? Just to prove a point, probably. I'm sure they won't try and use the card numbers because now visa and mastercard know, they'll be querying transactions on those card numbers.

tom-thebox · 21-02-2003 1:44pm

Originally posted by eth0_
theciscokid - why steal 5 million? Just to prove a point, probably. I'm sure they won't try and use the card numbers because now visa and mastercard know, they'll be querying transactions on those card numbers.

Thats a load of rubbish of coarse the cards will be used the lot of them, they will more than likly end up getting traded over IRC networks for roots, shells bouncers, 0day exploits etc...

Belive me the sort of people who would take that amount of credit card numbers when they know well they will be noticed gone, are not professionals and are not getting the cards to make a living from, they are going to want to let people know what they have done.

They will also spread them around in many areas to decrease the changes of them getting the blame for using them and getting linked to the hack at the same time.

This sort of thing is going on years it is not new, there have been many problems with many shopping cart systems in the past where whole databases of card numbers have gotten leaked. All the Cart32 exploits would be a good example. Its not a hard task to use them either.

Credit card fraud is horrible, it comes with a very long prison sentance if they catch the people who done this lets hope they get a nice sentance out of it. Linking hacking to fraud it wrong, these people are criminals not hackers.

Regards

Hacker gains access to 5.6 million Visa, MasterCard numbers

Comments