MADISON, Wis. (1/12/10)--Fraudsters are still testing and successfully accessing credit and debit card numbers not blocked or canceled in last year's Heartland Payment Systems data breach. CUNA Mutual's Risk Protection Center Friday reported to its policyholder credit unions that cards not blocked or canceled during the breach continue to be hit with card fraud, reported the New Jersey Credit Union League (Daily Exchange
Jan. 11). During the holidays several credit unions experienced card fraud on accounts that were compromised by the Heartland breach but not blocked or reissued. Last week two scenarios occurred:
* The fraud management system of a credit union that didn't block or reissue cards noticed a fraud trend on the monitored cards, with cards on a specific BIN targeted. Initially, the fraud was focused in the Midwest but migrated to the West and to some international locations. The fraud appeared to be concentrated at superstores, supermarkets and gas stations. The credit union is taking action to block and reissue the cards. * A credit union that did block and reissue cards from the breach noticed an increase in card "testing," with fraudsters testing cards for an authorization within seconds of each other. Because the cards were blocked, they were not authorized and the credit union did not experience any further fraud.
CUNA Mutual also alerted both Visa and MasterCard about the increase in activity and the scenarios. The insurer "strongly recommends" that credit unions that opted to monitor their members' cards instead of block and reissuing the cards after the breach go ahead and block and reissue any active cards that have not expired from Visa CAMS and MasterCard alerts. It anticipates that the "extremely active" fraud ring will continue to target the cards until they no longer provide approved authorizations. Even if a credit union has seen little or no fraud, it should stay alert to the fact that fraudsters may find a BIN of card numbers that provide an approved magnetic stripe authorization. Credit unions that blocked and reissued cards won't likely see subsequent magnetic stripe fraud from the breach because the reissued cards have new CVV/CVC values and card expiration dates.