Information Security News mailing list archives
Vendor Breach Exposes Card Data, PII
From: InfoSec News <alerts () infosecnews org>
Date: Fri, 15 Nov 2013 09:42:12 +0000 (UTC)
http://www.bankinfosecurity.com/vendor-breach-exposes-card-data-pii-a-6221 By Tracy Kitten Bank Info Security November 14, 2013The breach of an Ireland-based loyalty marketing company, which authorities confirm exposed payment card data on more than 376,000 consumers plus other personally identifiable information about more than 1 million, illustrates, yet again, the privacy vulnerabilities third parties pose, experts say.
Ireland's Office of the Data Protection Commissioner says card details on another 150,000 consumers "were potentially compromised." For now, however, it's offering few specifics. On Nov. 11, the commissioner confirmed only that card details for 70,000 customers of SuperValu, an Ireland-based grocer and food distributor, and 8,000 customers of AXA Insurance Ireland were exposed. Both used Loyaltybuild for holiday loyalty marketing programs.
Additionally, some Electric Ireland customers who participated in a loyalty program run by the Electricity Supply Board in 2007 and 2008 also have been impacted by the breach, the commissioner noted. Loyaltybuild notified the utility that names, addresses, phone numbers, e-mail accounts and booking references for those customers may have been exposed, according to the commissioner's office. But financial or card transaction data is not believed to have been affected.
The commissioner has not yet identified what other companies' customers had their card details exposed, including those elsewhere in Europe, but says the investigation into the breach is ongoing.
[...] -- Find the best InfoSec talent without breaking your recruiting budget! Post a Job, $99 for 31 days. Hot InfoSec Jobs - http://www.hotinfosecjobs.com/
Current thread:
- Vendor Breach Exposes Card Data, PII InfoSec News (Nov 15)