Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Hackers in attack on RBS credit card firm

From: InfoSec News <isn () c4i org>
Date: Fri, 7 Nov 2003 00:56:28 -0600 (CST)
http://www.business.scotsman.com/banking.cfm?id=1224512003

6 Nov 2003

COMPUTER hackers have attacked a company that processes online credit
and debit card transactions for thousands of UK businesses, it has
emerged.

WorldPay, which is part of Edinburgh-based Royal Bank of Scotland
Group, said it had been bombarded with millions of bogus e-mails in
the past couple of days, which had left the firm struggling to deal
with genuine payments.

The Cambridge-based company has around 27,000 clients of all sizes
around the world, ranging from blue-chip heavyweights such as Vodafone
and Sony Music Entertainment to numerous small online retailers. The
bulk of its clients are located in the UK and mainland Europe, and
payment requests from websites are normally sent in via e-mail.

The firm said a massive number of messages from elsewhere had come in
to the same address over a 24-hour period. As a result, transaction
requests have either crashed or been slowed down.

However, it appears those behind the e-mails - which originate in the
Ukraine - have set out to disrupt business rather than attempt to
commit fraud. WorldPay said it was putting alternative systems in
place which should solve the problem.

In an e-mail sent to its customers, the firm said that "a co-ordinated
effort by a third party" had left the networks surrounding its payment
and administration systems "flooded with requests on a massive
computer generated scale".

A company spokesperson said: "It is important to stress that the
integrity of the WorldPay payment and administrative systems is intact
and there has been no third party access or interference with customer
or merchant data."

WorldPay operates in more than 70 countries and accepts payments on
major credit cards including Visa, Mastercard, Diners and American
Express. At the start of this year, Visa and Mastercard admitted a
hacker had gained access to more than five million credit card
accounts.

More recently, net provider PSINet and security firm PanSec
International said an unprotected website they set up as part of a
study was attacked about 2000 times a week over a two-month period.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.
Previous By Date Next
Previous By Thread Next

Current thread: