Friday, May 27, 2011

Sounds like this could be big, but why would they not tell us who owned the terminal? Who are they covering for?

http://www.databreaches.net/?p=18440

AU: Major banks cancel credit cards after breach

May 27, 2011 by admin

Chris Zappone reports

A breach at a merchant has forced Commonwealth Bank, National Australia Bank, Westpac and its St George unit to cancel thousands of credit cards in the latest security issue to affect bank customers.

BusinessDay understands the matter is under police investigation, with CommBank issuing replacement cards from yesterday afternoon to about 8000 customers who might have been affected.

Read more in Brisbane Times

[From the Brisbane Times article:

CommBank discovered suspicious transactions on a number of credit card holders’ transactions and began cancelling the cards late yesterday. The bank pinpointed the merchant in common between the accounts and, as a precaution, cancelled the cards and reissued them, while notifying the bank that provides services to the merchant.

ABC News also reports on the breach:

All major banks have blocked, restricted or cancelled what totals thousands of credit cards in response to a potential security breach.

All four major banks and St George have confirmed to the ABC that some customers’ cards have been cancelled, blocked or restricted due to fears they had been compromised and would be open to fraud.

The Commonwealth Bank was the first to release information to the media, and says it detected the potential security breach through its continuous monitoring process.

CBA says a merchant EFTPOS terminal used by some of its customers was not secure, and there is a possibility customer information was ‘skimmed’.

Read more on ABC News.

[From the ABC article:

The banks' fraud detection systems can tell which customers have made transactions at the business where the security breach has occurred, and those customers have been deemed 'at risk'.



Another Japanese company breached?

http://www.databreaches.net/?p=18413

Honda Canada notifies customers of breach (UPDATED)

May 26, 2011 by admin

A DataBreaches.net reader alerted me that Honda Canada has been notifying some customers of a breach.

According to a May 13th letter he received (French version, pdf), a breach involving unauthorized access of the My Honda (myhonda.honda.ca) and My Acura (myacura.acura.ca) web sites was detected in March 2011 and affected customers who were on certain mail lists in 2009. Customers’ names, addresses, and vehicle identification numbers were involved.

Unless, of course, you got a letter dated May 12, which was sent to a different subset of customers for whom Honda Financial Service Account numbers were also involved. According to their representatives, the FSA number is an internal number only and cannot be used to access your bank account information.

So how many people were affected? Honda’s not saying, but a representative told our reader that the breach affected anyone who was on certain mailing lists in 2009. It appears that even if you didn’t create an account on their web sites, if they mailed you about upcoming specials in 2009, your data were involved.

An undated notice on Honda’s main web site, which is not easy to find because there is no link from the homepage, reads:

To our valued Honda customers:

Honda has learned of unauthorized access of some customer data. We would like to apologize for this incident and assure our customers that the protection and safe-keeping of your information is a responsibility that we take very seriously.

The incident involved the unauthorized access of information as held in our records in 2009, specifically name, address, Vehicle Identification Number (VIN), and in a small number of cases, Honda Financial Services (HFS) account numbers.

The information did not include any data that would typically be used for identity theft or fraud such as birth dates, telephone numbers, email addresses, credit card numbers, bank account numbers, driver’s license numbers, social insurance numbers, or dollar amounts of HFS financing or payments. [So, was notice even required? Bob]

We are in the process of notifying all the potentially affected customers by mail. We do not recommend that customers take any specific action at this time, other than being alert for marketing campaigns from third parties that reference your ownership of a Honda vehicle. Honda does not share its customer information with unauthorized third parties and does not contact customers asking for financial information.

Thanks to the reader who provided the letter.

Update: Jaikumar Vijayan of Computerworld reports that the company is notifying 280,000 customers. His coverage also provides an explanation of why customers who never created accounts on MyHonda or MyAcura were affected: the company prepopulated forms using customer data. Read more on Computerworld.



Another attempt to “eliminate cash” by replacing it with electronic money (rather than plastic money)

Google Wallet: the End of Anonymous Shopping

"Google today announced Google Wallet, an NFC-base payment system that will allow people to pay for purchases just by waving their phone across a reader. It's the beginning of a future where commercial transactions are 'frictionless' and convenient — but it's a future where every transaction can be tracked and data-mined, as Dan Tynan points out. Stores can user information about your Doritos purchases to rearrange their wares; Google could push coupons via its new Google Offers service; your health insurance company might be interested in your sodium intake."


(Related)

http://news.cnet.com/8301-27080_3-20066647-245.html

How secure is your wallet in Google's hands? (FAQ)



I'm sure this has mothing to do with Microsoft's purchase of Skype...

http://www.thetechherald.com/article.php/201121/7209/Skype-update-blamed-for-sudden-global-outage

Skype update blamed for sudden global outage

According to an official Skype blog post regarding the matter, sporadic outages around the world were arising due to the mistaken deletion of a file called “shared.xml”, which left a “small number” of users unable to sign-in or make Internet calls.

The overall Skype service was consequently shunted further askew when the Skype.com website was knocked offline as large volumes of customers sought out a solution to the initial connectivity problem.



Dilbert explains why many corporations are encouraging the use of Smartphones by their employees...

http://dilbert.com/strips/comic/2011-05-27/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+dilbert%2Fdaily_strip+%28Dilbert+Daily+Strip+-+UU%29


Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)