About
Subscribe

US 'hack attack` no major concern for SA

Rodney Weidemann
By Rodney Weidemann, ITWeb Contributor
Johannesburg, 25 Feb 2003

Despite the fact that a "hack attack" in the US last week compromised about eight million Visa and MasterCard accounts, local financial institutions feel the possibility for is minimal, although some local have nonetheless taken precautions.

The attack was caused when the security of a US-based card processing company`s computer systems were breached, and several banks reported that certain cardholders may have been compromised, although none had been defrauded.

According to reports, the only local account owners who may have been affected by the attack would be those who had recently travelled to the US or who had bought something over the Internet from a US-based company.

Standard Bank had 284 clients affected, Absa Bank 170 clients and First National Bank 139 clients. The banks have contacted the respective customers to inform them that their existing cards will be cancelled and new replacement cards re-issued free of charge.

"This is purely a precautionary measure, which has been taken in the best interests of customers," says FNB spokesman William Ramwell.

According to Chris Winter, Visa International`s GM for sub-Saharan Africa, the accounts in the central and eastern Europe, Middle East and Africa region that were potentially affected represent less than one-hundredth of 1% of the database intrusion.

"It has been several days since the intrusion and no cardholder accounts have been compromised to date, while Visa`s fraud team has notified all affected card issuing financial institutions and is working with the third-party payment card processor to protect against the threat of a future intrusion.

"Visa is monitoring the situation with its global compromised account management system, which is designed to monitor accounts for fraudulent activity."

Richard Peasy, group ISO for Absa Bank, believes the US attack was more a case of the hackers doing it to prove that they could, rather than an actual attempt to defraud anybody.

"The thing to remember is that in order to use the card for fraudulent purchases, the criminal would have to have the card number, the expiry date and also the three-digit CVV number on the back of the card, so it is highly unlikely that there would be any fraudulent use of the card."

He says Absa would have been informed by Visa or MasterCard - since the bank provides both options for its customers - had there been any problems with local accounts.

"While one should never say never, I don`t foresee SA experiencing an attack of this nature, as our financial institutions are far better than many of those in First World countries, and we do not use a third-party operator to process payments. Our banks do it themselves."

Related articles:

US credit card hack 'not possible in SA`
Compromised credit cards rise to 8m
Hacker accesses 2m credit cards

Share