SEARCH RESULTS
 
Showing 1-10 of 19 records
 
Expand article

Visa and Mastercard warn of breach at "major retailer"

The Article has images
2008-03-17 15:27:42 by Evan Francen in The Breach Blog
...MasterCard have contacted 60 to 70 banks in Massachusetts about a large data breach occurring at what the card companies characterized as a major retailer Reference URL Massachusetts Bankers Association press release CNN Money Report Credit The Massachusetts Bankers Association Response From the online sources cited above MASSACHUSETTS...
 
Tags: breach, breach description, security breach, retail data breach, major retailer, retailer, data, major breach, data breach
 
 
 
 
Expand article

Mastercard.com NOT PCI Compliant

2008-01-05 17:40:33 by Bill in Grumpy Security Guy
 
...mastercard.com. The place it was found, the search function, is a notorious location for XSS vulnerabilities. The XSS payload that triggers the vulnerability leads me to believe that there was a fair amount of filtering going on but I guess not enough Who does Mastercard pay PCI penalties to Related Posts PCI Sets the Ceiling Not the Floor I...
 
Tags: pci, pci penalties, pci compliant, mastercard, pci sets, grumpy security guy, post, notorious location, xss vulnerabilities
 
 
 
 
Expand article

Two stolen Saks Incorporated laptops contained sensitive information

The Article has images
2008-05-11 21:28:38 by Evan Francen in The Breach Blog
...MasterCard co-branded credit card account number Breach Description In mid-April 2008, Saks learned that four company laptops were stolen. Two of the stolen laptops contained several files that included customer names, addresses, Saks Fifth Avenue credit card account numbers, and/or Saks Fifth Avenue/MasterCard co-branded credit card account...
 
Tags: saks, laptops, information, andor saks, company laptops, personal information, breach description, breach, credit card account
 
 
 
 
Expand article

KimsCrafts e-commerce breach affects 4,500

The Article has images
2007-12-14 16:08:39 by Evan Francen in The Breach Blog
...Mastercard in assessing the data at risk, and Visa and Mastercard immediately notified your issuing bank so that protective measures could be taken As stated, the security concern was immediately contained, and KimsCrafts subsequently took all necessary steps to protect you While fraudulent use of you credit or debit card is possible,...
 
Tags: kimscrafts, breach, e-commerce, credit file, credit, credit card data, kimscrafts e-commerce site, data, data security firm
 
 
 
 
Expand article

When Will the Media Industry Embrace the BORA Principle?

2007-03-22 10:06:00 by Eric Marvets in The Security Samurai
 
...MasterCard turned to Microsoft and Netscape, respectively, for solutions. As any company would, these tech giants devised schemes that benefited them rather than serve the needs of their clients Fortunately for Visa and MasterCard, CNP (card not present) transactions were already allowed for mail order catalog purchases. Despite their fear...
 
Tags: credit card, credit, credit card industry, credit card fraud, industry, media industry, cut fraud, fraud, credit cards
 
 
 
 
Expand article

SQL injection compromises MLSgear.com customer information

2008-02-11 09:27:06 by Evan Francen in The Breach Blog
 
...MasterCard, our current understanding of this situation is that these third parties used SQL Injection attacks between January and August 2007, and may have obtained names, addresses, credit and debit card information, and MLSGear.com passwords, that had been stored on computer servers operated by a third party service provider Evan] SQL...
 
Tags: information, sensitive personal information, personal information, mlsgear, sql, debit card information, report credit, credit, credit card fraud
 
 
 
 
Expand article

Altman Weil online store compromised

The Article has images
2008-06-16 15:27:28 by Evan Francen in The Breach Blog
...MasterCard and American Express On May 16, 2008, Altman Weil independently notified Visa, MasterCard, and American Express of the potential security breach On Saturday, May 24, 2008, notified all card holders whose cards were current (i.e. the expiration dates had not kicked in yet) by telephone calls placed Notified all card holders by...
 
Tags: altman weil, breach description, breach, security breach, altman weil immediately, altman weil customers, credit card information, potential security breach, information
 
 
 
 
Expand article

Montgomery Ward breached, no notification obligation?

The Article has images
2008-06-27 23:45:03 by Evan Francen in The Breach Blog
...MasterCard Direct Marketing Services closely followed a set of guidelines, issued by Visa, on how to respond to a security breach Evan] This is sad. The Visa documentation regarding breach response is way too narrowly focused to be used as an organizational incident response. Every organization that creates, collects, uses, stores, and/or...
 
Tags: card companies, companies, services, services closely, credit card companies, services retail properties, financial company citigroup, company, montgomery ward
 
 
 
 
Expand article

What's in your wallet?

2008-01-30 10:07:53 by Jen Albornoz Mulligan in Security & Risk Management
 
...Mastercard assuring consumers that their technology is secure As a consumer, the subject of the article and I are both frustrated by the lack of choice given to us by companies trying to impose experimental technology on us. Generally, I am an early adopter of technology, but I don't appreciate the long pages of fine print that accompanied...
 
Tags: credit cards, cards, credit, credit card, card, card issuer, credit card companies, card account, technology
 
 
 
 
Expand article

Fraud Due to a Credit Card Breach

2008-03-21 06:39:34 by schneier in Schneier on Security
 
...MasterCard have stipulated in their contracts with retailers that they will not divulge who the source is when a data breach occurs," Spitzer said. "We've been engaged in a dialogue for a couple years now about changing this rule.... Without knowing who the retailer is that caused the breach, it's hard for banks to conduct a good...
 
Tags: breach, data breach occurs, fraud, risk, million unique account, actual risk, card authorization process, retailer, rule