E-CommerceALERT.com is part of the Bennett Gold LLP web site network.
LINK TO: Bennett Gold LLP, Chartered Accountants, home page.
LINK TO: E-CommerceALERT.com Home Page.
CLICK to GO BACK to Main Page.

Research and retrieval of news articles by Bennett Gold LLP, Chartered Accountants

Effective December 31, 2012, articles are no longer being updated on this web site.
The site is now maintained as an historical archive, covering articles from the period 1999 to 2012.


Source: National Post

Posted on February 19, 2003

      An "unauthorized intruder" gained access to a database belonging to a company that processes transactions for merchants. The intruder had access to Visa, MasterCard and American Express account numbers.

      Approximately eight million account numbers may have been compromised overall, according to a statement released by MasterCard International. They include 3.4 million Visa accounts (including 60,000 Canadian accounts) and 2.2 million MasterCard numbers, (including 40,000 based in Canada).

      "That's one of the largest breaches that I've ever seen," said Rick Broadhead, a technology analyst and author based in Toronto.

      A spokeswoman for American Express refused to give any details about how many of its accounts may be affected by the security breach or where they are based.

      The companies said there has been no sign of fraudulent activity involving the accounts, and that consumers will be protected if it does occur.

      "We can't say for sure that this information is going to be used in a fraudulent manner. That's still the unknown here," said Kevin Wasslen, Visa Canada's director of risk management.

      Some hackers simply view breaking into companies' systems as a challenge and never intend to use the information they access, Mr. Broadhead added.

      "You could say a burglar broke into a home. Did the burglar take everything that was in the home or did he just go in the front door?" he said.

      "For some hackers, it's just a game that they play to see what they can breach and how far they can go. It's very possible this could be somebody that's just out there joyriding."

      Customers holding credit cards from the three firms will not be held responsible for any fraudulent activity or unauthorized charges; each has a "zero liability" policy protecting consumers.

      None of the companies would identify the processor involved in the incident or say exactly when or how the intrusion occurred.

      In a statement, MasterCard International said it became aware of the incident earlier this month. The problem was reported by a third-party processor who was unable to say whether the intrusion came from the United States or overseas. Processors handle transactions for merchants, bundling and transmitting charges to the banks that issue the cards.

      "Although fraud is at an all-time low, high-profile companies, government agencies, Internet programs and Web sites will always be targeted by criminals -- Visa and our vendors are no exception," Visa USA said in a statement.

      Mr. Broadhead said companies are locked in a never-ending cat-and-mouse game with hackers and can never guarantee their electronic systems are 100% safe.

      "There is no such thing as perfect security," he said. "If somebody really wants to break into your system, they'll find a way. What you have to focus on is minimizing the chance somebody's going to break in and minimizing the damage that ultimately would result."

CLICK to GO BACK to Main Page.

E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca

In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes.

Final Entries

LINK TO: Bennett Gold Chartered Accountants: A Licensed Provider of WebTrust Services.

WebTrust Is Your
Best Defense
Privacy Breaches.

Get WebTrust
Working For
Your Site.