Japan cardholders 'hit' by theft

The hacker who was behind the biggest data theft seen in the US may also have compromised the data of Japanese cardholders, the government has said. Up to 40 million credit card accounts were compromised, after the breach of security at Cardsystems. The theft affected mostly Mastercard and Visa clients, but American Express and Discovery customers were also hit. Fraudulent transactions have now emerged in Japan, where as many as 26 credit firms are linked to Mastercard. The Japanese government warned that almost all 26 domestic credit firms may have been affected. UFJ, one of Japan's biggest banks, said that there have been about 20 suspect transactions reported by customers at its credit card division. UCS, a credit card firm affiliated with supermarket chain Uny, also said that more than 100 of its clients may have been affected, while there are concerns about cards issued by a number of regional banks. In Hong Kong, lenders have warned their customers, but said that only a "small number" need worry. Security lapse At least 200,000 individual records are known to have been stolen, following the breach of security at Arizona-based Cardsystems. Speaking in an interview with the New York Times on Monday, the chief executive of Cardsystems John Perry said that the firm had not followed security measures put in place by Mastercard and Visa. It had held on to personal data for research purposes, instead of removing it once the transaction was complete, he said. "We should not have been doing that," he told the New York Times. Mastercard has sought to reassure customers, saying that social security numbers, the golden egg of personal information, had not been compromised. More regulation? News of the theft has prompted calls for greater regulation of the 500 or so firms that process credit card transactions in the US. "They are not being watched carefully enough," said Avivah Litan, an analyst at Gartner. The theft is the latest in a string of security breaches that have embarrassed firms and worried consumers. Banking giant Citigroup lost tapes containing the personal details of almost four million customers. LexisNexis, Polo Ralph Lauren, HSBC, Wachovia Bank and Bank of America have all been affected by similar problems. "Consumers' personal and financial data has become the gold of the 21st century and we need to protect it accordingly," said US Democratic Senator Charles Schumer. Susanna Montezemolo of the Consumers' Union in the US said that the latest theft should act as a "wake-up call for lawmakers". Chasing shadows Analysts said that tightening up security measures are essential if future attacks are to be deterred and detected. Credit card companies "just sort of wait" for security breaches to happen, said Gartner's Ms Litan. Today's hackers are more likely to be well-organised criminals based in Eastern Europe, rather than the bored youths in suburban basements so often depicted in films. Instead of creating viruses that will cause maximum disruption, today's cyber criminals are focused and precise in their attacks. Using special programmes they are able to track computer keyboard strokes, finding out passwords and key information that they then use to break through a company's defences. As protection becomes more sophisticated, so do the criminals. "Two years ago I would say one of the things you should do is shred your trash," said Bruce Schneier of Counterpane Internet Security. "Now that is completely obsolete advice."

print this article

Return to internet news headlines
View Internet News Archive

Share with: