Indian Debit Cards Compromised

While we at Compliance3 continue to work with companies in the UK and Europe to ‘take risk off the table’ by taking card data out of their data environments, criminals continue to probe other markets to find potential chinks in the armour of payment card security. The latest data breach to come to our attention – it may not have registered on your radar – is on the Indian sub-continent. The BBC ran a story last week reporting “fears that the security of more than 3.2 million debit cards has been compromised”. The compromise appears to have emanated from an ATM network infected with malware. Okay, so 3.2 million cards only represents half of one per cent of all cards issued in India (there are some 700 million debit cards issued in India), and to date fraudulent transactions have only totalled around $195,000 (13 million rupees) – mainly in China and the US – but that’s still a lot of cards at risk, and potential damage to India’s newly emerging card-based economy. Indian banks are struggling to get cashless transactions accepted, with only 10 digital transactions per head per annum, compared to around 260 per head per annum in the UK, and data compromises like this will not help foster trust. Shaktikanta Das, the Department of Economic Affairs Secretary of the Indian Government, said “There is no cause for alarm. The integrity of IT system of banks is robust and whatever action is required, the government will take promptly.” Mohit Bahl, Head of Forensic Services at KPMG India, suggested that while “Indian Banks have cyber...

Co-ordinated thefts from ATMs in Japan

We’ve written in the past about data breaches, where customers’ card details are stolen, and while the press tend to dwell on the ongoing risks to customers as a result of their data being compromised, it’s rare for the subsequent exploitation of data breaches to make news. This week, however, saw the news of an audacious and sophisticated attack using stolen account data to create 1,600 fake payment cards and then steal nearly $13 million from South Africa’s Standard Bank. The thieves exploited the high maximum withdrawal amounts allowed in Japan, where the maximum amount that can be withdrawn from an ATM is ¥100,000 (or about £630), and withdrew that maximum amount 14,000 times from 1,400 machines. The targeted machines were installed in 7-11 stores across Japan; unusually for Japan, these particular machines accept international cards. The thefts took place over a three-hour period, early on the morning of Sunday May 15th, which would have been late Saturday night in South Africa. While customers have not suffered any losses, Standard Bank estimate their total losses to be close to $19 million. Standard Bank described the heist as “a sophisticated, co-ordinated fraud incident” involving what it said was a “small number” of fake cards from account data belonging to...