Millions Of MasterCard, Visa Cards Reported Compromised; Regular Bank Robberies Down However

Data Theft Allegedly Thru Processor

What may turn out to be one of the biggest credit card frauds, thieves seem to have hit the payment card industry again at one of its vulnerable nerve centers: a credit card processor firm.

According to a report from security blogger Brian Krebs at krebsonsecurity.com and repeated today on Forbes.com, Visa and MasterCard are warning banks of a potentially massive breach of payment card information from a U.S. card processor. Krebs writes that it may affect as many as 10 million credit cards, and that it included enough information that thieves could successfully counterfeit new cards.

Also today, Friday, March 30, MasterCard acknowledged a problem. In a statement: MasterCard is currently investigating a potential account data compromise event of a U.S. based entity and, as a result, we have alerted payment card issuers regarding certain MasterCard accounts that are potentially at risk, the association said. Law enforcement has been notified of this matter and the incident is currently the subject of an ongoing forensic review by an independent data security organization, it related.

Gartner security expert Avivah Litan said she has been told that the stolen data is already being used on the street by identity thieves.

There may be similarities to a late 2008 incident involving a security breach of Visa and MasterCard data being handled by Heartland Payment Systems.

While credit card data breaches seem to be adding up to multimillions in dollar and card losses, plain old bank robberies as compared are chump change.

For example, according to a just released FBI crime statistics report, during the third quarter of 2011, there were 1,094 reported violations of the Federal Bank Robbery and Incidental Crimes Statue, a decrease from the 1,325 reported violations in the same quarter of 2010, according to statistics released March 27 by the FBI. There were 1,081 robberies, 11 burglaries, 2 larcenies, and 1 extortion of a financial institution reported between July 1, 2011 and September 30, 2011. These statistics were recorded as of October 28, 2011.

Highlights of the report include:

Loot was taken in 89 percent of the incidents, totaling more than $9.3 million.

Of the loot taken, 25 percent of it, or more than $1.9 million, was recovered and returned to financial institutions.

Bank crimes most frequently occurred on Friday. Regardless of the day, the time frame when bank crimes occurred most frequently was between 9:00 a.m. and 11:00 a.m.

Acts of violence were committed in 5 percent of the incidents, resulting in 18 injuries, three deaths, and four persons taken hostage.

Demand notes were the most common modus operandi used.

Most violations occurred in the Western region of the U.S., with 375 reported incidents.

Ransomware and the propulsion of the extortion economy has rapidly eclipsed into a national priority. Recently, we observed the catastrophic impact of a widescale ransomware attack impacting gas pipelines and raising national gas prices overnight.