http://www.zdnet.com/blog/security/...nk-breach-releases-visa-mastercard-data/12519
Hacker claims mass bank breach; releases Visa, Mastercard data
By Zack Whittaker | June 19, 2012, 9:33am PDT
Summary: More than 79 banks have been breached, claimed a hacker on Twitter. Following a data release on Tuesday, he said he has more than 50 gigabytes of U.S. and foreign bank data in his hands.
A hacker, who claimed on Twitter to have illegally accessed the networks of dozens of large banks, has released a vast cache of personal information relating to Visa and Mastercard credit card data.
More than 1,700 separate account details were included in the cache.
From the data included in the data dump: customer names, the debit or credit card type - Visa or Mastercard - along with postal addresses, phone numbers, and email addresses are all included.
“Grey-hat” hacker Reckz0r - who oddly enough also goes by the name “Jeremy” - said on Twitter that he had targeted 79 banks for around three months.
The data breach does not appear limited to the United States. Foreign banks and account details are noted, including from the United Kingdom and Canada.
The data released on Tuesday was compressed in a plain-text document and uploaded to the Web.
The hacker said he took more than 50 gigabytes of data, and that this release is only a fraction of the total amount.
Credit card details do not appear in this release, though a Pastebin post explains that he is “censoring the credit card information” - including the “credit card number, secret code [and] expiry date.”
The targeted banks have not all been named, with the exception of Chase, which was singled out in a separate tweet. The hacker indicated other high profile banks were included.
He also noted on Twitter that Visa and Mastercard were “not hacked,” despite a contrary claim in the PasteBin post that says he did.
It is not yet clear whether this relates to a breach earlier this year, following both Visa and Mastercard warning banks that a credit card processor had suffered an intrusion.
Global Payments came forward as the processor at the center of the breach. No more than 1.5 million accounts were affected, the company said last week.
But it is not yet clear whether this relates to the Global Payments breach earlier this year or not.
In a text document file included with the downloadable file, he said: “I don’t give a s**t if you’re included, it’s all about security, folks.”
Sister site CNET understands the hacker ‘retired’ to become a white-hat hacker and would “use my intelligence for good.” He said he had left the infamous hacking group UGNazi, along with hacking collective Anonymous in a separate Pastebin post.
Questions have been left with Visa and Mastercard in regards to this story. No spokespeople were available from either company at the time of writing.
Hacker claims mass bank breach; releases Visa, Mastercard data
By Zack Whittaker | June 19, 2012, 9:33am PDT
Summary: More than 79 banks have been breached, claimed a hacker on Twitter. Following a data release on Tuesday, he said he has more than 50 gigabytes of U.S. and foreign bank data in his hands.
A hacker, who claimed on Twitter to have illegally accessed the networks of dozens of large banks, has released a vast cache of personal information relating to Visa and Mastercard credit card data.
More than 1,700 separate account details were included in the cache.
From the data included in the data dump: customer names, the debit or credit card type - Visa or Mastercard - along with postal addresses, phone numbers, and email addresses are all included.
“Grey-hat” hacker Reckz0r - who oddly enough also goes by the name “Jeremy” - said on Twitter that he had targeted 79 banks for around three months.
The data breach does not appear limited to the United States. Foreign banks and account details are noted, including from the United Kingdom and Canada.
The data released on Tuesday was compressed in a plain-text document and uploaded to the Web.
The hacker said he took more than 50 gigabytes of data, and that this release is only a fraction of the total amount.
Credit card details do not appear in this release, though a Pastebin post explains that he is “censoring the credit card information” - including the “credit card number, secret code [and] expiry date.”
The targeted banks have not all been named, with the exception of Chase, which was singled out in a separate tweet. The hacker indicated other high profile banks were included.
He also noted on Twitter that Visa and Mastercard were “not hacked,” despite a contrary claim in the PasteBin post that says he did.
It is not yet clear whether this relates to a breach earlier this year, following both Visa and Mastercard warning banks that a credit card processor had suffered an intrusion.
Global Payments came forward as the processor at the center of the breach. No more than 1.5 million accounts were affected, the company said last week.
But it is not yet clear whether this relates to the Global Payments breach earlier this year or not.
In a text document file included with the downloadable file, he said: “I don’t give a s**t if you’re included, it’s all about security, folks.”
Sister site CNET understands the hacker ‘retired’ to become a white-hat hacker and would “use my intelligence for good.” He said he had left the infamous hacking group UGNazi, along with hacking collective Anonymous in a separate Pastebin post.
Questions have been left with Visa and Mastercard in regards to this story. No spokespeople were available from either company at the time of writing.
