IT’S been estimated that around 50 Cypriots and foreigners living on the island have been compromised by a huge credit card security breach in the United States.
Takis Fekkos, General Manager of JCC Payment Systems, Cyprus’ only credit card payment processing company, said “the owners of the affected cards have been notified of the security breach and have had their cards, issued by Cypriot banks, cancelled. It is thought that the hacker or hackers responsible have been operating for a couple of years, but they haven’t been caught as they are using only 0.5 per cent of cards captured.”
He added, “here in Cyprus, the figure for credit card fraud is lower than the EU average and we haven’t noticed any unusual activity so far.”
The card centre manager of the Bank Of Cyprus, Harris Pistos, said, “we have had 21 credit cards affected where a hacker managed to capture full card data, but none of these cards has been used.
“Earlier this week, we contacted all 21 customers to inform them of their card cancellations and have since issued them with new cards as a security precaution.”
He added that, “even if any card had been used without the cardholder’s authorisation, the bank would then immediately reimburse the customer.”
Pistos also said that there were an additional couple of hundred Bank Of Cyprus credit cards from which hackers captured incomplete data.
“These customers have also received new cards. We told them not to worry as their cards could not have been used illegally.”
VISA and MasterCard notified Cypriot banks on Sunday morning of a possible security problem.
The scare first came to light when it emerged that a computer hacker may have broken into more than 40 million credit card accounts, US company officials say.
MasterCard International said the breach was traced to a company in Atlanta, which processes transactions for banks and merchants.
All brands of credit cards could be affected, it warned.
The company, CardSystems Solutions, said it identified the breach last month and immediately contacted the FBI, which was investigating.
MasterCard announced the breach in a news release on Friday, saying security “vulnerabilities” had allowed an unauthorised individual to infiltrate the network of CardSystems and access the cardholder data.
It said 14 million of its customers may have been exposed to fraud. Another 22 million were VISA cards, said a spokeswoman for the VISA company.
MasterCard spokeswoman Sharon Gamsin told the Associated Press news agency the data – names, banks and account numbers – could be used to steal funds, but not identities. The company was notifying banks that issue MasterCards.
It has been reported that less than six per cent of cards that may have been affected are in Europe.
A statement issued by CardSystems a week ago read: “CardSystems Solutions, Inc., identified a potential security incident on Sunday, May 22. On Monday, May 23, CardSystems contacted the Federal Bureau of Investigation. Subsequently, the VISA and MasterCard Card Associations were notified to alert them of a possible security incident. CardSystems immediately began a remediation process to ensure all systems were secure. Additionally, CardSystems immediately engaged an independent third party to validate systems security.
“Since that time, concurrent to the investigation proceedings, CardSystems is completing the installation of enhanced/additional security procedures recommended by the security assessor involved in the investigation.
“We understand and fully appreciate the seriousness of the situation. Our customers and their customers are our lifeblood. We are sparing no effort to get to the bottom of this matter. Our goal is to co-operate fully with the FBI to complete the investigation and ensure that we do nothing that might compromise the investigation.”
