Payments News

On The Web

nbsp;

Reports

Study: Only 11% Of Consumers Trust Retailers To Handle Data Breaches Properly – Retail TouchPoints

“Retailers face a significant mistrust issue when it comes to data breaches: only 11% of consumers trust retailers to properly handle data breaches, according to a survey by First Data. High-profile events, such as the HBC data breach that affected as many a 5 millionshoppers in 2018, can erode trust across the entire industry. But retailers have many tools to help them […]
nbsp;

Risk & Fraud

Retailers Were Inundated With 10 Billion Credential-Stuffing Attempts In Just Eight Months

“In the Web-services provider’s most recent “State of the Internet Security” report released Wednesday, Akamai says criminals like credential stuffingbecause it’s a numbers game. It’s an integral element in taking over a legitimate account to appear as the bona fide customer, thus skirting anti-fraud measures. In credential stuffing, criminals pull data from a database containing valid […]
nbsp;

Risk & Fraud

New Breed of Fuel Pump Skimmer? Not Really (Correction)

“An earlier version of this story cited an alert sent by the U.S. Secret Service and interviews with a company that helps merchants secure their payment terminals. The claims were that a circular device found on the side of a gas pump was a skimmer that was believed to be responsible for communicating with other Bluetooth-based skimmers […]
nbsp;

Regulation

California to Close Data Breach Notification Loopholes Under New Law

“The golden state’s attorney general Xavier Becerra announced a new bill Thursday that aims to close loopholes in its existing data breach notification laws by expanding the requirements for companies to notify users or customers if their passport and government ID numbers, along with biometric data, such as fingerprints, and iris and facial recognition scans, […]
nbsp;

Risk & Fraud

MyEquifax.com Bypasses Credit Freeze PIN — Krebs on Security

“Most people who have frozen their credit files with Equifax have been issued a numeric Personal Identification Number (PIN) which is supposed to be required before a freeze can be lifted or thawed. Unfortunately, if you don’t already have an account at the credit bureau’s new myEquifax portal, it may be simple for identity thieves to lift an […]
nbsp;

Risk & Fraud

Researchers who claim to have discovered the Citrix breach say Iran-linked hackers stole at least 6TB of data and may have first gained access 10 years ago

“Iranian-backed hackers have stolen vast amounts of data from a major software company that handles sensitive computer projects for the White House communications agency, the U.S. military, the FBI and many American corporations, a cybersecurity firm told NBC News. Citrix Systems Inc. came under attack twice, once in December and again Monday, according to Resecurity, which notified […]
nbsp;

Risk & Fraud

How Hackers Pulled Off a $20 Million Bank Heist

“Thanks to security holes in the targeted bank systems, attackers could have accessed internal servers from the public Internet, or launched phishing attacks to compromise executives—or even regular employees—to gain a foothold. Many networks didn’t have strong access controls, so hackers could get a lot of mileage out of compromised employee credentials. The networks also […]
nbsp;

Reports

Bountiful Stolen Personal Data Fuels Unrelenting Online Fraud Attacks, Forter Says

“In a time when criminal access to consumer data has never been more common, merchants continue to experience pervasive and persistent fraud attempts. That’s the key takeaway from the 2019 sixth annual Fraud Attack Index from Forter Inc. released Thursday. How bad is the problem? Fraud grew in 2018 in every online merchant segment tracked […]
nbsp;

Risk & Fraud

Insert Skimmer + Camera Cover PIN Stealer — Krebs on Security

“Very often the most clever component of your typical ATM skimming attack is the hidden pinhole camera used to record customers entering their PINs. These little video bandits can be hidden 100 different ways, but they’re frequently disguised as ATM security features — such as an extra PIN pad privacy cover, or an all-in-one skimmer over […]
nbsp;

Reports

UN Report: N. Korea Targets Cryptocurrency Exchanges, Banks

“Between January 2017 and September 2018, the Democratic People’s Republic of Korea carried out at least five successful attacks against cryptocurrency exchanges in Asia, resulting in the theft of $571 million in currency, the report concludes. The UN report also notes North Korea’s ability to attack banks across the world, including the Bangladesh Bank heist […]