Blogger parallels FIS and RBS WorldPay breaches

In a May 3, 2011, earnings call and first quarter 2011 financial statement, prepaid card processor Fidelity National Information Services Inc. (FIS) approximated the loss from a data breach at $13 million. The breach involved one client and 22 prepaid card accounts on its Sunrise platform, FIS said.

The financial statement added that FIS identified 7,170 prepaid card accounts that may have been affected and information from three individual cardholders' accounts may have been improperly disclosed as a result of the breach. FIS blocked and reissued cards for the affected accounts, the processor said.

According to blog KrebsonSecurity and based on information blogger Brain Krebs obtained from sources he said are close to the investigation, cyber thieves hacked into the FIS network and pilfered 22 open-loop, reloadable prepaid debit card accounts. Krebs reported the hackers apparently changed the withdrawal limits on the accounts, cloned the accounts onto blank cards and distributed the cards to colleagues in cities in Europe, Russia and Ukraine.

Using the cloned cards in a coordinated attack on March 5, 2011, the crime ring withdrew approximately $13 million in cash from dozens of ATMs in Greece, Russia, Spain, Sweden, Ukraine and the United Kingdom, Krebs reported. With unauthorized access to FIS' Sunrise platform, the fraudsters were able to reload the cards remotely for repeated withdrawals from the ATMs on that day, Krebs added.

Krebs called the FIS hack "eerily similar" to the 2008 RBS WorldPay Inc. breach that reportedly netted fraudsters $9 million.

In a statement to SellingPrepaid, Marcia Danzeisen, Senior Vice President of Global Marketing and Communications at FIS, said the company considers the matter closed. FIS continues to work with federal law enforcement as appropriate, she noted.

The KrebsonSecurity blog post can be accessed at www.krebsonsecurity.com/2011/08/coordinated-atm-heist-nets-thieves-13m/ .

Whether you want to upgrade your POS offerings, find a payment gateway partner, bone up on fintech regs or PCI requirements, find an upcoming trade show, read about faster payments, or discover the latest innovations in merchant acquiring, The Green Sheet is the resource for you. Since 1983, we've helped empower and connect payments professionals, starting with the merchant level salespeople who bring tailored payment acceptance and digital commerce tools, along with a host of other business services to merchants across the globe. The Green Sheet Inc. is also a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals.

Notice to readers: These are archived articles. Contact information, links and other details may be out of date. We regret any inconvenience.