MasterCard, Visa confirm credit card data theft described as 'massive'

Source: MSNBC

Law enforcement officials are investigating what appears to be a massive theft of U.S. consumers' credit card data, MasterCard and Visa confirmed Friday. The computer security expert who first reported the theft said it might involve as many as 10 million MasterCard and Visa accounts, making it one of the largest known credit card heists.

"MasterCard is currently investigating a potential account data compromise event of a U.S.-based entity and, as a result, we have alerted payment card issuers regarding certain MasterCard accounts that are potentially at risk," that association said in a statement. "Law enforcement has been notified of this matter and the incident is currently the subject of an ongoing forensic review by an independent data security organization."

The theft was first reported by well-known computer security journalist Brian Krebs on his blog, KrebsonSecurity.com. Krebs said the crime involves compromise of a credit card payment processor — a "middle man" that handles transactions between retailers and banks. The name of that institution is unknown, but processors have long been a target of identity thieves because of the enormous amounts of data they control. In 2008, Princeton, N.J.,-based Heartland Systems was hacked, exposing tens of millions of credit card account numbers to theft.

Krebs reported that hackers had access to the unknown processors data from Jan 21 through Feb 25, and were able to siphon off enough data to easily create counterfeit cards. His sources called the leak "massive."

Read more: http://redtape.msnbc.msn.com/_news/2012/03/30/10940640-mastercard-visa-confirm-credit-card-data-theft-described-as-massive