Visa Says No New Processor Breach After All

Buzz has been building for the last week about what might be a new data breach at a credit-card processor. No, not Heartland, a different one. Now Computerworld is reporting that Visa claims there was no new breach. Whom to believe? "In actuality, Visa said in a statement issued today, alerts that it recently sent to banks and credit unions warning them about a compromise at a payment processor were related to the ongoing investigation of a previously known breach. However, Visa still didn't disclose the identity of the breached company, nor did it say why it is continuing to keep the name under wraps."

visa

[Wonda]

there's only one company they'd protect like that, themselves!

Re:visa

You could have done better with that particular subject line:
 
...it's everywhere you don't wanna be.

Re:visa

[Beardo+the+Bearded]

Well, no.

Let's say the card systems at 5 chains have been compromised along with 2 small stores. Visa announces:

"There was a breach at Best Buy, Wal-Mart, Linens and Things, Sears, Gamestop, Beardo's Engineering Services, and Wonda's Chocolate Factory."

Which businesses will survive an announcement like that? "Holy crap," think the public, "I can't buy anything from Beardo or Wonda, but I'm sure those big chains have fixed the problem."

Dear KDAWSON

[Kawahee]

Hi K,

Could you please proof-read the stories you submit from now on, "Buzz as been building" should be "Buzz has been building" instead. Also the Windows 7 DRM article you submitted was crap. It was debunked within the first handful of comments, that:

1. Replacing a DLL in a third party app which causes it to stop working is not Windows' fault, it's yours
2. The folder in question is not accessible in explorer.exe, it is for legacy systems
3. Shitty sound, in beta software? Sounds like (no pun intended) a Creative sound card.

Kind Regards,
Kawahee

Re:Dear KDAWSON

[Locke2005]

No, it was a British comment, and they forgot the apostrophe -- it should have read "Buzz 'as been buildin', mate!"

Re:Dear KDAWSON

[Kawahee]

Now I see!

K: I take it all back

Re:Dear KDAWSON

Yes, you have indeed been done a great disservice by kdawson, and well, the entire Slashdot community as a whole.

You should definitely ask for your money back. Oh, wait...

Re:Dear KDAWSON

[Kawahee]

You forget Slashdot is a subscription site - see?

Re:Dear KDAWSON

You forget Slashdot is a subscription site - see? [slashdot.org]
--
I'll subscribe to Slashdot when I see a month without a dupe, a typo, or an article the "editors" didn't read.

And you forget that your own sig says that you don't subscribe.

Re:Dear KDAWSON

[FrostDust]

Just because you're providing a free service doesn't place you above criticism.

Re:Dear KDAWSON

[Kawahee]

Slashdot advertises itself as a high quality technology news site. They ask for financial support in the form of subscriptions to be a high quality technology news site. The problem is the article kdawson posted was not high quality at all, and even though I don't pay for this service my argument is what incentive do I have to pay when shit like this comes through the "editorial" process?

Re:Dear KDAWSON

[tome2006]

When the cold wind comes. I go where the dahlias bloom. ØØØ ØØØ-

New, Old, who cares?

[pfleming]

We just got notice that my wife's debit card is to be replaced due to being processed through a compromised system. You would think they would work harder on closing up the holes. I got a new debit card a few years back due to the OfficeMax breach. At this rate the economic stimulus might be to put credit card "stampers" to work.

Re:New, Old, who cares?

Uh, you have to be batshit insane to even consider using a debit card in the first place. No matter what guarantees your bank has, if someone steals it then they are stealing money straight out of your bank account. This can tie up your money or worse... like cause checks or other payments to bounce (or be late) which can cause a ripple effect of charges and red tape. Not to mention that there are no laws protecting debit card users. Credit cards have a $50 maximum for fraudulent charges and that is law.

Nothing wrong with using a credit card and paying it off with every statement. Same thing as a debit card with much lower risk.

Re:New, Old, who cares?

[jra]

In point of fact, many debit card issuers now offer the same sort of guarantees -- Visa Check Card branded cards have a national ad campaign touting this specific fact.

What are..

[metalcoat]

they covering up by keeping all of this secret?

Re:What are..

The investigation, obviously. Forensics takes time. Meanwhile they try to do damage control so PR doesn't take a hit, front page.

When you have something to lose, you have something to hide. In this case, business and incompetency, respectively.

This isn't the Visa you're looking for

[mc1138]

Move along, move along

Re:This isn't the Visa you're looking for

I have a bad feeling about this...

weird

From my experience, just got a message from my credit union that my card(s) will be deactivated a week from now because of said breech

The truth

Gaius Baltar is a Java programmer.

when vista is not telling turth

[m1ndrape]

for everything else there's mastercard

Re:when vista is not telling turth

[socsoc]

I don't see what Vista has to do with this, but I disagree with your MasterCard statement. I couldn't get it to run on my legacy kit so I had to install Diners Club.

Re:when vista is not telling turth

[Jurily]

getting modded 0, Funny: priceless.

They should be forced to reveal the company

[scamper_22]

My bank called me a few months bank and said I had to come in and change my card and password because it had been compromised. I had used my card as some store that had a malicious debit card scanner. I tried to press to find out which store it was, so I would not shop there again. They avoided answering that like the plague.

I just hope we get this smart-chip cards soon so at least they cannot be copied. Bloody hell, here's something that could use some stimulus and regulation. Mandate the upgrade to these cards and give us the names. We need a name. Give us a name.

So I know which company and store I will never shop at again.

Re:They should be forced to reveal the company

Can't copy chip cards?
You haven't been following some of the news lately. In principle it could be hard, but at least as they are being used there are weaknesses. Have a look e.g. at recent bugtraq traffic.

Re:They should be forced to reveal the company

[jimicus]

I just hope we get this smart-chip cards soon so at least they cannot be copied. Bloody hell, here's something that could use some stimulus and regulation. Mandate the upgrade to these cards and give us the names.

Aw, bless.

A few of the things that have been known to happen with the chip cards in the UK, where they were introduced a couple of years ago:

1. The magnetic stripe's still there. Stripe gets cloned, information is sent to some far-off country and used over there where chip cards don't exist. Chip & PIN won't solve this until it's rolled out worldwide and the magnetic stripe is discontinued altogether.

2. There are plenty of attacks which have been used with some success against Chip & PIN, including fake readers in petrol stations (either the petrol station owner is dishonest or - more likely because it seems to affect huge numbers at a time - some random bloke is coming in off the street and saying "I'm here to replace your card reader" and the person behind the counter just says "OK then").

3. A cash machine is rigged to allow the thief to steal your card: http://www.travelfinances.com/blog/index.php/2006/12/27/card-fishing-atm-scam/

Re:They should be forced to reveal the company

[revoldub]

I just received a letter in the mail today. It said your debit card information may have been compromised from Feb. 2008 to Nov. 2008.

No further direction was given. Not even whether I need to act further on the matter or not. Just a page saying it was breached and telling me I should check my web track of daily transactions. I do!

translation

[speedtux]

What they seem to be saying in so many words is: "There have been so many data breaches that we have lost track of which ones we have already told you about."

Anon

WRONG.

Visa has disclosed it, just not publicly.
I just got off the phone with New England Federal Credit Union, Williston, VT

They know. Some payment processing company. No personal info, just the numbers and pins were lost.

I just got assigned my new card last night. Joy.

Could it be the evil CCBILL?

So could this be the big evil ccbill as they are insecure and low and behold factually visa's largest payment processor?

!vista

[russlar]

I read the headline too quickly, and thought it said "Vista Says No New Processor Breach After All."

Re:!vista

Yeah, vista was breached again, so what else is new?

My Visa was reissued last week

My Shitibank Visa was first blocked then reissued last week. Shitibank is not saying much but since I use this card only when traveling, I am sure the revocation is related to a single payment for Marriott in Seoul on Feb 5.

We did not get dates..

I got a statement last week saying my credit card details were compromised due to "a foreign hack" (I live in Belgium), suggesting I have the card blocked and offering a free replacement within 1 week if I did.. and the guarantee that I'd be protected against any fraud if I did.. Suggesting I wouldn't be if I didn't?

I'm Getting a New Credit Card

[DeanFox]

I got a letter in the mail just yesterday from my Credit Union saying they're issuing me a new credit card. The reason they stated was specifically because of the Heartland breach by name.

I think it costs them $10.00-$15.00 for a new card when all is said and done. I don't know if they're issuing new cards to everyone or just those who have had activity at a merchant tied to Heartland. Even limited this is going to cost the banks money and that's they way it should be. When fraud become more expensive than the fix, that's when it will get fixed. We legislated corporations into person-hood but never legislated morals to go with it.

-[d]-

Cash is King

[gremlin_591002]

I'm tired of worrying about it. I'm switching back to cash.