[Asterisk-biz] CC Fraud
snacktime
snacktime at gmail.com
Sat Jun 18 12:05:10 MST 2005
On 6/18/05, Andres <andres at telesip.net> wrote:
>
> >>>
> >>
> >> MasterCard announced yesterday the theft of 40,000,000 credit card
> >> numbers (and associated information, including CVV) from Card
> >> Services Intl, one of the big CC processors.
> >>
> >> So, we know that there are at least 40,000,000 valid card numbers and
> >> CVVs out running around right now. Even worse, the theft occurred
> >> 5/22 and the FBI got everyone to keep quiet. (*sigh*)
> >
> >
> > Can you tell us where exactly you saw this announcement? Thanks,
> >
> OK... I see the announcement but I see the company mentioned is
> "CardSystems", and not "Card Services International". I believe both
> companies are not related. Correct me if I am wrong please.
>
> Furthermore if the theft included CVV records then they are in clear
> violation of MasterCard and Visa policies which explicitly say those
> numbers cannot be stored anywhere.
You might be surprised at how many companies are out of compliance.
We went through our security audit for visa/mastercard last year, and
the chats I had with the auditor were interesting. Things like
application level security and asymmetric encryption are not exactly
widespread or even understood. A lot of companies still rely almost
solely on their firewall for protection.
Chris
More information about the asterisk-biz
mailing list