RBS WorldPay data breach puts 1.5 million cardholders at risk

RBS Worldpay, the electronic payment service, has admitted that hackers have broken into its systems and may have accessed the personal information of some 1.5 million cardholders and other individuals. Of these, some 1.1 million people may have had their social security numbers compromised by the hackers.

According to reports, the company informed law enforcement agencies and federal regulators of the incident on 10 November, but it waited until 23 December before issuing a press release and publishing advice to affected customers on its website.

I’m sure that if it had been my confidential information that might have been compromised that I would want to know about it as soon as possible, and I can’t help but think that making a public statement just before a major holiday may fulfil regulatory requirements but may “bury” the bad news from reporters.

RBS Worldpay is keen to stress that only 100 payroll cards have been used in a fraudulent manner so far, and that they have all been deactivated.

Of course, this isn’t the first time that Worldpay has suffered at the hands of hackers. In 2003 and 2004 the internet payment service was bombarded with distributed denial-of-service attacks that clogged its systems and seriously affected its ability to operate.