Visa: New payment-processor data breach not so new after all

[jkouns <jkouns () opensecurityfoundation org>]

Visa: New payment-processor data breach not so new after all
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=privacy&articleId=9128743&taxonomyId=84&intsrc=kc_top

Company says recent breach alerts involved ongoing probe of earlier 
system intrusion

February 27, 2009 (Computerworld) Days after Visa Inc. seemingly 
confirmed that a data breach had taken place at a third payment 
processor, following on the recent breach disclosures by Heartland 
Payment Systems Inc. and RBS WorldPay Inc., the credit card company is 
now saying that there was no new security incident after all.

In actuality, Visa said in a statement issued today, alerts that it 
recently sent to banks and credit unions warning them about a compromise 
at a payment processor were related to the ongoing investigation of a 
previously known breach. However, Visa still didn't disclose the 
identity of the breached company, nor did it say why it is continuing to 
keep the name under wraps.

Visa said that it had sent lists of credit and debit card numbers found 
to have been compromised to financial institutions "so they can take 
steps to protect consumers." The company added that it currently "is 
risk-scoring all transactions in real time, helping card issuers better 
distinguish fraudulent transactions from legitimate ones."

[..]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)

CREDANT Technologies, a leader in data security, offers advanced data encryption solutions.
Protect sensitive data on desktops, laptops, smartphones and USB sticks transparently 
across your enterprise to ensure regulatory compliance.
http://www.credant.com/stopdataloss