advertisement
advertisement

Credit Cards Recalled, Consumers Warned As Spanish Card Processor Is Probed

Written by Fred J. Aun
November 30th, 2009

Evidence of data theft at a Spain-based credit card processing company prompted the recall in November of more than 100,000 cards in Germany. UK cardholders were told to watch for unauthorized activity, but the authorities did not reveal any details about the breach–including the processor’s name. The Daily Mail reported that the “criminals are understood to have stolen card details and then used them to buy goods online.” In a November 19 statement, Germany’s Central Credit Committee (ZKA) called the recall a “precautionary measure and routine operation” and said the card exchange was nearly complete. It said: “All German banks and savings banks have significantly tightened monitoring of the affected cards, which further limits any potential abuse.”

Cards issued by DKB-Bank, Barclays and Karstadt-Quelle are among those at risk, but neither Visa nor MasterCard reported any breaches of their systems. The BBC reported that Visa Europe was “aware of a possible card data security issue in Spain,” but revealed nothing further. The processor is reportedly being investigated for fraud, so the incident may be an inside job rather than the work of hackers or skimmers.


advertisement

Leave a Reply

Readers, specifically those who want to comment on a story:
Our Comment SPAM system is getting very aggressive these days and has been blocking legitimate comments. If you post a comment and don't see it appear within 2 hours or so, can you please send a heads-up to customer-service@storefrontbacktalk.com? Ideally, please include the time you posted the comment. That will allow us to try and hunt for it. Thanks! P.S. We're working on fixing the system, but we don't want to lose any valuable comments in the meantime.

Weekly, Monthly Newsletters

Quickly catch-up on the latest in E-Commerce and Retail Tech with our free weekly report, with urgent bulletins as news merits—along with our monthlies on Mobile, Security, In-Store, E-Commerce and CRM.
advertisement

Most Recent Comments

"Careless" Systems Integrators Now Directly Under PCI DSS

This exact issue has been bothering me for years, and I was JUST talking about it with someone only yesterday. This may well be my favorite article, mostly because I'm biased and have hated this particular problem forever. Read more...
Good article, but how does this have anything to do with the DSS? Read more...
Actually, the QIR program has a lot to do with the DSS (or PCI). Since merchants rely on their reseller or integrator to implement their PA-DSS validated application, these resellers and system integrators play a critical role in merchants achieving and maintaining PCI compliance. As far as I can tell, the QIR program is designed to help merchants stay compliant by making sure their payment applications are installed according to the PA-DSS Implementation Guide, for example ensuring default passwords are changed (and protected), that the data encryption keys are properly set and secured, that the merchant's data retention policy is set, that no sensitive cardholder data are stored, and often that a firewall is in place and properly configured. Read more...
Although this is a great move forward in pushing the issue of highly trained people, it is also a good marketing ploy for the council. It begs the question: How much do they stand to make? The problem for this is that for people (like myself) that are just starting out their own business venture, PCI has typically charged a premium for their training and certifications. This change will likely force those of us with less capital to spin into the abyss. I have more than 15 years in the security and compliance fields with heavy hitter certs like CISSP, CRISC, and Sec+. There should not be a guide but a free test or a pre-requisite of either the PCI cert OR other heavy hitter certs. I just don't want the good guys in small places to get flushed out. Read more...

StorefrontBacktalk
Our apologies. Due to legal and security copyright issues, we can't facilitate the printing of Premium Content. If you absolutely need a hard copy, please contact customer service.