Numbers from 10 million credit cards swiped by hackers

The privacy rights of 10 million Americans have been violated, according to warnings issued by credit card companies Visa and MasterCard. The credit card numbers of millions of people apparently were lifted in the first two months of this year.

Banks were put on alert to watch for suspicious, new credit cards being used from the numbers that were stolen. The intellectual property theft trickled down through blogs, which stated that neither company’s essential system was comprised. An investigation is underway to trace who, how and where the credit card numbers were stolen. Internet security analysts say the privacy weak spot was found in an unnamed U.S. payment services company.

Two financial institutions reportedly followed a trail of transactions on the stolen cards to New York City-centered parking garages. Within the last few weeks, a retiring FBI official informed companies and law enforcement about new Internet crime trends. The assistant director of the FBI’s Criminal, Cyber, Response and Services Branch warned that companies only realize data has been stolen after thieves hit business computer systems. The distance between the crime and the criminal is getting wider. The ability to follow, source, catch and prosecute Internet perpetrators becomes less likely as the clue trail grows colder.

The U.S. Federal Trade Commission urged Congress to help secure customer data by passing stricter privacy laws. Passing new laws to tighten privacy rules may not make hackers easier to find. Many data thieves use a victim’s own system to initiate and set off attacks around the world, leaving an almost-invisible trail. Personal data theft is not unusual.

But Americans who lose rack up huge credit card bills through no fault of their own may have grounds for a lawsuit against the hacker or the company for not protecting account numbers well enough.

Source: Scientific American, “Hackers Steal More Than 10 Million Mastercard and Visa Numbers,” Larry Greenemeier, Mar. 30, 2012