Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
    Digg this story   Add to del.icio.us  
Debit-card fraud continues
Published: 2006-03-10

Controversy over the recent rash of debit-card fraud has prompted speculation as to the source, but with the sheer breadth of the fraud it seems certain that criminals have unlocked a new method of obtaining PIN numbers.

A number of banks have pointed towards third-party exposure of the data, and retailer OfficeMax is widely speculated to be the source -- this speculation is based on the data loss reported last month by the chain, however OfficeMax denies any blame in the incidents, an MSNBC article reports.

Many retail systems pass PIN numbers across a network unencrypted, and some of the more advanced transaction systems will store the PIN numbers in a temp file, despite warnings against such practices.

Investigations into the fraud are ongoing and widespread, involving everyone from local police agencies to the Secret Service and private organizations. The consequences of this theft remaining unchecked are dire for both consumers and businesses alike, and with consumers often on-the-hook for charges incurred (unlike with credit card transactions) the backlash against those found at fault could be substantial.

Posted by: Peter Laborge
    Digg this story   Add to del.icio.us  
 
Comments Mode:
Debit-card fraud continues 2006-03-11
Anonymous (3 replies)
Re: Debit-card fraud continues 2006-03-13
Anonymous (1 replies)
Re: Debit-card fraud continues 2007-11-05
Anonymous
Re: Debit-card fraud continues 2007-11-28
Anonymous
Debit-card fraud continues 2006-03-13
Anonymous
Debit-card fraud continues 2006-03-14
Anonymous (2 replies)
Re: Debit-card fraud continues 2006-03-16
Anonymous
Re: Debit-card fraud continues 2007-03-07
Anonymous
Debit-card fraud continues 2006-03-14
Anonymous (1 replies)
Re: Debit-card fraud continues 2006-04-10
Anonymous (1 replies)







 

Privacy Statement
Copyright 2009, SecurityFocus