[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Debit-card program cancelled because of fraud [FWD]

To: [email protected]
Subject: Debit-card program cancelled because of fraud [FWD]
From: Steve Schear <[email protected]>
Date: Wed, 7 Jan 1998 11:09:25 -0800
Sender: [email protected]

Date: Sun, 28 Dec 1997 09:22:45 -0500
From: Steve Bellovin <[email protected]>
Subject: Debit-card program cancelled because of fraud

According to the AP, Burns National Bank (Durango, CO) is cancelling its
debit-card program because of fraud.  The article is maddeningly incomplete
about technical details.

Apparently, the "hackers" (to quote the article) counterfeited plastic cards
and "took account number sequences off software that resides on the Internet
before encoding them in the magnetic strip on the back of the card."  When
the fraud was detected, some customers had new cards issued, with some
unspecified extra security feature.  It didn't work; within a month, the
accounts were penetrated again.

Three other banks have been victimized by a similar scheme.  All four use
the same debit card vendor; Burns blames the vendor for inadequate security,
in some unspecified form.  They're looking for a new supplier; until then,
the entire program is being suspended.  Losses to date -- which are
apparently being absorbed by the banks -- total $300,000.

Prev by Date: Re: Too many "Internet Conferences" in Washington (fwd)
Next by Date: Re: Too many "Internet Conferences" in Washington
Prev by thread: Re: Too many "Internet Conferences" in Washington (fwd)
Next by thread: Bruce Schneier, Sandia, FBI and the REAL WORLD
Index(es):
- Date
- Thread