A security breach in a UK store meant that thieves stole sensitive user details from 2,000 shoppers who used their credit cards. MasterCard itself alerted users of the problem and informed them that the card issuer was suspending potentially compromised accounts. It is known that the Clydesdale Bank is one of the affected card providers, but it unknown what, if any, other banks were involved. It is also unknown if other payment systems other than MasterCard were affected by the breach.
Theft of personal financial data is currently a fast-growing crime that nets thieves more and more money as their technology and methods become increasingly sophisticated. Carelessness by officials is also a significant source of data breaches and recently the State of Ohio was in the news concerning the distribution of 20 disks issued before the spring primary election races. The disk contained personal details of 7,7 million voters, and many entries included Social Security numbers, a prized asset for modern cybercriminals. State officials recalled those disks and promised to replace them with databases that will not contain the Social Security details.
Earlier in the year officials in Ohio had also published sensitive personal data on official websites open for public and anonymous access. Some 10,000 residents of the state had their details published over the last several years on a website that registered details of high-cost purchases. Last year MasterCard also suffered a massive data theft at CardSystems, a third-party processor, in which cybercriminals made off with some 40 million personal records. An estimated 13,9 million MasterCard branded credit cards were involved in that incident.
A spokesperson for MasterCard said about the UK breach: “MasterCard is aware of a potential security breach at a UK-based retailer. But because this is an ongoing investigation, we cannot disclose specific details regarding the incident or comment, other than to say that we are cooperating and we have notified the banks that issue MasterCard cards to monitor for any suspicious account activity and take the necessary steps to protect cardholders.”
The company also stated that their own security was not compromised: “MasterCard’s systems have not been breached and no MasterCard data have been compromised. MasterCard International is concerned whenever cardholders are inconvenienced and we will continue to monitor this event.”