RBS WorldPay data breach puts 1.5 million cardholders at risk

Filed Under: Data loss

RBS Worldpay, the electronic payment service, has admitted that hackers have broken into its systems and may have accessed the personal information of some 1.5 million cardholders and other individuals. Of these, some 1.1 million people may have had their social security numbers compromised by the hackers.

According to reports, the company informed law enforcement agencies and federal regulators of the incident on 10 November, but it waited until 23 December before issuing a press release and publishing advice to affected customers on its website.

I'm sure that if it had been my confidential information that might have been compromised that I would want to know about it as soon as possible, and I can't help but think that making a public statement just before a major holiday may fulfil regulatory requirements but may "bury" the bad news from reporters.

RBS Worldpay is keen to stress that only 100 payroll cards have been used in a fraudulent manner so far, and that they have all been deactivated.

Of course, this isn't the first time that Worldpay has suffered at the hands of hackers. In 2003 and 2004 the internet payment service was bombarded with distributed denial-of-service attacks that clogged its systems and seriously affected its ability to operate.

, , ,

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at https://grahamcluley.com, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley