Sources: Credit Card Breach at California DMV

[InfoSec News <alerts () infosecnews org>]

http://krebsonsecurity.com/2014/03/sources-credit-card-breach-at-california-dmv/

By Brian Krebs
krebsonsecurity.com
March 22, 2014

The California Department of Motor Vehicles appears to have suffered a 
wide-ranging credit card data breach involving online payments for 
DMV-related services, according to banks in California and elsewhere that 
received alerts this week about compromised cards that all had been 
previously used online at the California DMV.

The alert, sent privately by MasterCard to financial institutions this 
week, did not name the breached entity but said the organization in 
question experienced a "card-not-present" breach -- industry speak for 
transactions conducted online. The alert further stated that the date 
range of the potentially compromised transactions extended from Aug. 2, 
2013 to Jan. 31, 2014, and that the data stolen included the card number, 
expiration date, and three-digit security code printed on the back of 
cards.

Five different financial institutions contacted by this publication — 
including two mid-sized banks in California — confirmed receipt of the 
MasterCard notice, and said that all of the cards MasterCard alerted them 
about as compromised had been used for charges bearing the notation "STATE 
OF CALIF DMV INT".

A representative from MasterCard, speaking on background, confirmed 
sending out an alert this week. According to bank sources, Visa has not 
sent out a similar alert. A Visa spokesperson said "Visa cannot comment on 
potential third party data compromises or ongoing investigations."

[...]

--
Find the best IT Security talent without breaking your recruiting budget.
Jobs cross-posted to Simply Hired, Facebook and LinkedIn.
Hot InfoSec Jobs - http://www.hotinfosecjobs.com/