Hacker Breaches VISA/Mastercard Credit Card Security
London, UK - 18 February 2003, 10:00 GMT - A hacker gained access
to several million Visa and Mastercard credit card accounts in the US.
mi2g Intelligence Unit's research has consistently shown that Brazilian,
US and European criminal syndicates have been carrying out credit card and
identity theft in increasing numbers by targeting the proliferating eCommerce
vendors and their credit card settlement agents. Often, these profiles are
being sold on the black market for $1 per number.
Now that the over four Trillion Dollars per annum credit card settlement
backbone is Internet enabled and eCommerce via the web is growing exponentially,
the number of such cases that will come to light in the area of credit card
fraud and piracy are likely to rise significantly.
The mainstream databases - SQL, Oracle and DB/2 - where such information
is stored exhibit vulnerabilities and not all patches and necessary encryption
regimes have been appropriately applied by all vendors. There is still an
inadequate understanding in industry on how to protect and tranche credit
card data and personal profiles.
In late January, the Slammer worm targeted the SQL database server and American
Express online services exhibited slow down and denial of service in some
cases. Also 13,000 bank ATMs were unable to dispense cash.
mi2g's research has shown that digital networks are consistently afflicted
by four types of digital crimes:
1. Piracy - Financial and intellectual property theft
2. Surrogacy/Identity theft - Passing off as somebody else
3. Denial of Service
4. Hazards - Health and safety compromises