Hack of a second U.S.-based payment processing firm exposes accounts used in Internet, phone transactions, according to credit union alerts

http://www.darkreading.com/

http://www.darkreading.com/security/attacks/showArticle.jhtml?articleID=214502489&cid=nl_DR_WEEKLY_H

Alan’s Note First: Someone should fix those credit card processors - or whoever is responsible for processing holds on many sales and not clearing those holds. I often get Pending Transactions followed by the Actual Transaction - even on purchases where there’s no reason for a hold to be placed. You see holds, I thought, were supposed to go on Rental Cars and Hotel Rooms - and such where you’re not done owing them money. But it seems like more and more “everyone” is holding first and then charging… and often not releasing the hold before the charge. Many card holders may not realize this is happening on credit cards - because they don’t watch their transactions on a daily basis. I do. Most of the merchants where this happens tell me (wink wink) that this is OK if will come of in week or 10 days. To which I reply (wink wink) why don’t you just send me $1000 and I’ll hold it for you 10 days and then give it back. Fair is fair after all. What I’m saying is that something’s broken there. With real-time transactions … the hold goes in right quick … the transaction goes in right quick. There’s no fricking reason I can see that the release of the hold cannot go in right quick. There’s no reason to double bill someone for any length of time. If anyone can tell me a reason - I’d love to hear it?

(off of soapbox, engage regular article mode…)

* That being said … “those that have the ability to take action have the responsibility to take action” (I heard  that on one of the National Treasure Movies - supposedly derived from a line in the Declaration of Independance *I believe*.) Those that handle our money should be liable for any losses we have whenever they would fail to properly secure our transactions and our information. (here goes the real article)

Hack of a second U.S.-based payment processing firm exposes accounts used in Internet, phone transactions, according to credit union alerts

Feb 23, 2009 | 02:40 PM

By Kelly Jackson Higgins
DarkReading

Brace yourself for another payment-processor breach: A second U.S.-based payment acquirer/processor has been hit with a network hack that exposed consumers’ credit card accounts.As of this posting, the victim firm’s identity had not been revealed. According to several credit unions, Visa recently alerted them that another payment processor had discovered a data breach. Among the credit unions issuing alerts about the breach on their Websites are The Tuscaloosa VA Federal Credit Union and the Pennsylvania Credit Union Association. The Open Security Foundation has a notice posted on its DataLossDB site.The latest breach follows that of Heartland Payment Systems, which went public on Jan. 20 about discovering malware on its processing system; some security experts have called it the largest security breach ever. Heartland processes 100 million payment card transactions per month for 175,000 merchants.(more at the link)

—

Alan Spicer Marine Telecom

http://www.marinetelecom.net

http://www.wifiyacht.net

+1 954 683 3426

This entry was posted on 26. February 2009 at 23:19 and is filed under Main. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response or trackback from your own site.