Security Breach May Have Exposed 40M Credit Cards

views updated

Security Breach May Have Exposed 40M Credit Cards

Magazine article

By: Tom Krazit

Date: June 17, 2005

Source: ComputerWorld. "Security Breach May Have Exposed 40M Credit Cards." June 17, 2005. 〈http://www.computerworld.com/securitytopics/security/story/0,10801,102631,00.html〉 (accessed January 14, 2006).

About the Author: The Information Data Group (IDG) is a leading global information technology organization. Besides hosting international IT events, the group publishes as many as 300 journals and magazines worldwide, including PC World, Computer World, GamePro, and Macworld. Tom Krazit, the group's U.S. correspondent for news and events in personal computing, peripherals, and handheld devices, has several articles to his credit on various information technology topics.

INTRODUCTION

Every credit card is issued by an authorized financial institution and given a unique identifying number. Credit card data also contains personal details and other confidential information such as social security numbers. Credit card transactions use electronic methods of transmitting, storing, and retrieving account numbers, which are stored in electronically accessible databases. Data security is key to preventing identity theft and other financial frauds. Despite electronic safeguards and data security measures, such as secure online transmission between commercial nodes such as banks, credit card processors, and business establishments, the data is potentially vulnerable to abuse.

In mid-2005, network security at CardSystems Solutions Inc., a MasterCard processing company, was compromised by a hacker, exposing as many as 40 million credit card numbers to potential theft and abuse. Although MasterCard's fraud-detection system detected the breach in May 2005 and informed issuing banks about the incident, the sheer size of the breach—the largest to date—raised concerns worldwide.

"Security Breach May Have Exposed 40M Credit Cards" is a news report from the Computer World website.

PRIMARY SOURCE

[Text Not Available]

SIGNIFICANCE

Electronic crime, especially unauthorized access to data in electronic information systems, has risen with the with the number of transactions conducted on the internet. American corporations lose around one billion dollars each year to credit card fraud. As a result, credit card security has become an increasing concern.

The credit card transaction system originally considered only the logistics of business transaction involving physical goods and services traded by real buyers and sellers. However, the advent of online shopping, auctions, and e-services such as online bill payment have made the system vulnerable to determined hackers.

To quell customer fears about the security and privacy of personal data, most financial institutions and credit card processing services adopt high-tech encryption and antihacking software to ensure highest level of security. As security systems become more advanced, however, hackers become more determined to crack them.

Despite the introduction of new technologies like Secure Socket Layer (SSL), a type of encryption that ensures maximum security, authentication, and address verification, credit card fraud continues to occur frequently. Various processing companies, merchant establishments, and financial institutions combat these threats with ever more sophisticated technology and advanced security measures. As of 2005, Visa and MasterCard announced various initiatives, safety measures, and multidimensional plans that look at risk perception from various angles to combat possible losses and credit card frauds.