Community Bank says new Visa cards in mail after hacking incident

[security curmudgeon <jericho () attrition org>]

---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.stripes.com/article.asp?section=104&article=54108

By Charlie Coon
Stars and Stripes
Mideast edition
April 17, 2008

No Community Bank customers lost money when an Internet site they used to 
make purchases was attacked by a malicious computer program, prompting the 
overseas military bank to cancel 867 Visa banking cards last week.

The affected customers have been mailed a new bank card, according to 
Thomas LaRock, a spokesman with the Defense Finance and Accounting 
Service, which oversees the Defense Department.s contract with Bank of 
America and its Community Bank subsidiary.

"The bank has made, and continues to make, every effort to directly 
contact each of the 867 affected cardholders to inform them of the 
incident and notify them that a new card has been issued," LaRock wrote in 
an e-mailed response to Stars and Stripes.

Most of the customers were Germany-based, according to DFAS.

According to LaRock, the compromise apparently occurred when a malicious 
computer program targeted an online merchant with rapid-fire fake 
purchases. Once the purchases were authorized by the merchant, the 
perpetrator used the authorizations to trace back the information to the 
affected Visa cards.

[..]
_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml