Archive Links

Consumer Archive
CU System Archive
Market Archive
Products Archive
Washington Archive

News Now

CU System
Fraudsters still testing cards from Heartland breach
MADISON, Wis. (1/12/10)--Fraudsters are still testing and successfully accessing credit and debit card numbers not blocked or canceled in last year's Heartland Payment Systems data breach. CUNA Mutual's Risk Protection Center Friday reported to its policyholder credit unions that cards not blocked or canceled during the breach continue to be hit with card fraud, reported the New Jersey Credit Union League (Daily Exchange Jan. 11). During the holidays several credit unions experienced card fraud on accounts that were compromised by the Heartland breach but not blocked or reissued. Last week two scenarios occurred:
* The fraud management system of a credit union that didn't block or reissue cards noticed a fraud trend on the monitored cards, with cards on a specific BIN targeted. Initially, the fraud was focused in the Midwest but migrated to the West and to some international locations. The fraud appeared to be concentrated at superstores, supermarkets and gas stations. The credit union is taking action to block and reissue the cards. * A credit union that did block and reissue cards from the breach noticed an increase in card "testing," with fraudsters testing cards for an authorization within seconds of each other. Because the cards were blocked, they were not authorized and the credit union did not experience any further fraud.
CUNA Mutual also alerted both Visa and MasterCard about the increase in activity and the scenarios. The insurer "strongly recommends" that credit unions that opted to monitor their members' cards instead of block and reissuing the cards after the breach go ahead and block and reissue any active cards that have not expired from Visa CAMS and MasterCard alerts. It anticipates that the "extremely active" fraud ring will continue to target the cards until they no longer provide approved authorizations. Even if a credit union has seen little or no fraud, it should stay alert to the fact that fraudsters may find a BIN of card numbers that provide an approved magnetic stripe authorization. Credit unions that blocked and reissued cards won't likely see subsequent magnetic stripe fraud from the breach because the reissued cards have new CVV/CVC values and card expiration dates.
Other Resources

RSS print
News Now LiveWire
.@BelvoirFederal revamped the checking acct. it offers to active duty military members and achieved 23% growth on the product in 1 mo.
7 hours ago
.@FinancialCmte markup of Reg D Study Act set for Tuesday. CUNA will submit support letter. http://t.co/cDWkZ0Q0x1
11 hours ago
The 54th Western CUNA Management School graduated 89 students on July 25.
11 hours ago
.@CUNA Bank Secrecy Act training to reach 38 Mich. state examiners #NewsNow http://t.co/7HDPgwih8G
13 hours ago
St. Louis treasurer taps #creditunion to serve unbanked #NewsNow http://t.co/lWtcezJOej
7 25 ago