Public Free-for-all Credit Cards
The greatest mystery is, perhaps, why it took so long to notice. With a globe’s worth of observers, certainly someone knew about it all along.When a cache (literally) of 19,000 credit cards are exposed world-wide, one would think security experts would know about it. Finally, a concerned citizen of Australia came forth and alerted credit card security experts at the major associations (VISA, MC, AMEX and debit card interchangers like Cirrus). Rumors are that the exposure had been known by IT experts many months before the credit card vulnerability was finally (or at least publicly) reported and addressed. But, even after our concerned citizen made the report, only AMEX ever responded back to him.
As the story goes, a certain format of Google search of the common templates (first six credit card digits), identifying the association (like VISA or MC) would scan the world, looking for every instance. Sounds elementary enough. But, when sorting through the gibberish’, a huge list of credit card-vital data listed itself.
Since it was the type of information expected to be found in the database of a payment processor, it was initially assumed to have come from a TPP (3rd-Party Processor). Later findings, however, revealed that the source was actually a credit card black market server in Viet Nam with lousy security. The cards were waiting for sale to prospective customers. In performing the upload to the server in the first place, a trail of stored cache was left on the Internet that was never erased. So, even after the server was taken off-line, the data upload was still suspended in Internet cache, just waiting to be discovered.
As far as the thieves, guess they’re out of luck now. Reports are, the exposed credit card accounts have been closed. Maybe they’ll get lucky and find even more hapless thieves to buy the worthless information. Originally, the information would have been quite valuable. PANs (actual credit card numbers), CVVs, Exp.Dates, Cardholder Names and Addresses are some of the most valuable information. Enough for a savvy thief to set up shop and earn a good living. But now, it’s all gone. Hope they had good insurance.
Categories: Uncategorized
