Monday, March 2, 2009

No New Payment Processor Data Breach After All

Via DarkReading -

Turns out word about a new payment-card processor data breach was a false alarm: After several credit unions posted notices in the past couple of weeks warning that Visa had alerted them to a new payment processor breach, Visa now says the alerts were related to an existing, known breach.

"The recent alerts Visa sent to card issuers were part of an existing investigation and are not related to a new compromise event," Visa said in a statement issued late last week.

But Visa wouldn't say just what organization or breach it was referring to.

[...]

Meanwhile, it's unclear what caused all of the confusion about the latest credit card breach warnings, which led to Visa's issuing a public statement that there was no new hack.

"Visa has provided the affected accounts to financial institutions so they can take steps to protect consumers. In addition, Visa is risk-scoring all transactions in real-time, helping card issuers better distinguish fraud transactions from legitimate ones," Visa said in its statement.

"It's essential that every business that handles payment card information adhere to the highest data protection standards to protect the security and privacy of their customers' financial information. Visa is aggressively partnering with businesses and financial institutions to enhance security surrounding debit, credit and prepaid card information," the statement said.

MasterCard, meanwhile, said in a statement that it is "monitoring developments" in this case and has notified the affected card issuers. "Because this incident is the subject of an ongoing investigation, we cannot disclose additional details regarding the incident or otherwise comment at this time," the company said.

No comments:

Post a Comment