BreachExchange mailing list archives
USAA Credit Card fraud - breach, or another payment processor?
From: security curmudgeon <jericho () attrition org>
Date: Fri, 29 May 2009 22:01:30 +0000 (UTC)
Earlier this year, Heartland was compromised as most of the civilized world knows. Since they were a payment processor, the impact was huge and over 650 institutions were affected [1]. One of these institutions was USAA [2], who verified to me via a phone call that my card being re-issued earlier this year was due to Heartland. I know three other people affected by Heartland via USAA, one family member and two coworkers. Each of had our credit cards re-issued with new numbers and expiration dates (month and year). Today, I found out that two coworkers both experienced fraud on their newly issued credit carts. The charges occurred in the last couple of days; one person had two charges on NFLSHOP.COM for 1104 and 1504, the other person had two charges listed as "USC ALUMNI ASSOC INTER" for 10 dollars each. It's difficult to write all of this off as coincidence. Is this a first sign of a new breach at USAA? A payment processor? Does anyone have more cases of fraudulent purchases on their USAA issued credit cards within the last 30 days? [1] http://www.bankinfosecurity.com/articles.php?art_id=1502 [2] https://www.usaa.com/ _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Get business, compliance, IT and security staff on the same page with CREDANT Technologies: The Shortcut Guide to Understanding Data Protection from Four Critical Perspectives. The eBook begins with considerations important to executives and business leaders. http://www.credant.com/campaigns/ebook-chpt-one-web.php
Current thread:
- USAA Credit Card fraud - breach, or another payment processor? security curmudgeon (May 29)