27 July 2016
Find out more

Card data exposed as Radisson Hotels becomes latest breach victim

19 August 2009  |  8670 views  |  1 anonymous figure in front of stock exchange

In the latest data breach to hit the headlines, Radisson Hotels & Resorts says its computer systems have been illegally accessed, putting customer card details at risk.

In an open letter on its Web site, the chain says some of its hotels in the US and Canada are affected by the breach, which happened between November 2008 and May.

Names on credit and debit cards, as well as numbers and expiration dates are exposed but not social security numbers. Radisson says it does not know how many people have had their data exposed.

"We recommend that you review your account statements and credit reports closely. To the extent there is any suspected unauthorized card activity, it should be reported to the bank that issued your credit card," says the letter.

The firm says it was made aware of the breach by Visa, MasterCard and payment processors and is now working with law enforcement and forensic investigators.

A review of the affected computer systems is underway and additional security measures designed to prevent a recurrence of such an attack have been implemented.

Earlier this week prosecutors charged a Miami man with hacking into the computer networks of several firms - including Heartland Payment Systems, 7-Eleven and Hannaford Brothers - and stealing the details of 130 million credit and debit cards.
KeywordsCARD FRAUD

Comments: (1)

A Finextra member
A Finextra member | 20 August, 2009, 14:55

Over the past ten days, a string of card data thefts have been made public. Radisson Hotels & Resorts is the latest to announce that its computer systems have been illegally accessed, putting customer card details at risk. This follows the news that US authorities have charged 11 people in connection with the theft of credit card details in the country's largest-ever identity theft case. They are accused of stealing more than 40 million credit and debit card numbers before selling the information.

As fraudsters become ever more sophisticated and bold in their bid to steal credit and debit card data, financial institutions, merchants and industry players need to be confident that they have sufficient security measures in place to protect customers from fraud, even if their card details are compromised. Visa and MasterCard have been putting measures in place over the past few years to ensure that this is the case. VISA's Dynamic passcode authentication (DPA), like MasterCard's Chip Authentication Protocol (CAP), enables EMV IC cards (smart cards) to provide security in Internet transactions where the card cannot be presented to the merchant or bank. While this approach has been widely implemented for online banking, particularly in the UK, it now needs to be extended to e-commerce too. In fact, Visa has mandated that by June 2010, all Visa cardholders will need to use dynamic password strong authentication for all types of online transactions.

While security breaches and data theft instances are likely to occur regardless of how hard financial institutions and merchants try to protect their data and systems, the widespread roll-out of dynamic passcode authentication solutions in the form of personal Home Chip and PIN card readers for all online transactions will render such stolen data useless.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

FBI makes arrests in $80m bank fraud case

FBI makes arrests in $80m bank fraud case

19 August 2009  |  6945 views  |  0 comments
US man charged with stealing 130 million card numbers

US man charged with stealing 130 million card numbers

18 August 2009  |  9495 views  |  0 comments
Heartland swings to Q2 net loss as cost of data breach mounts

Heartland swings to Q2 net loss as cost of data breach mounts

04 August 2009  |  9241 views  |  0 comments
Network Solutions hack exposes 500,000 card accounts

Network Solutions hack exposes 500,000 card accounts

27 July 2009  |  9563 views  |  0 comments
Savvis faces bank lawsuit over CardSystems data breach

Savvis faces bank lawsuit over CardSystems data breach

26 May 2009  |  13181 views  |  0 comments
Hackers steal 285m electronic records in 2008 - Verizon

Hackers steal 285m electronic records in 2008 - Verizon

15 April 2009  |  12290 views  |  0 comments
US payment processor Heartland reports massive data breach

US payment processor Heartland reports massive data breach

21 January 2009  |  15188 views  |  1 comments
US financial institutions hit by 78 reported data breaches last year

US financial institutions hit by 78 reported data breaches last year

15 January 2009  |  9290 views  |  0 comments
Visit www.abe-eba.euVisit capgemini.comVisit VocaLink.com

Top topics

Most viewed Most shared
satelliteContactless Bitcoin startup Plutus Tap &am...
9503 views comments | 9 tweets | 4 linkedin
MasterCard agrees £700m VocaLink acquisitionMasterCard agrees £700m VocaLink acqu...
9412 views 14 comments | 32 tweets | 38 linkedin
Apps crush internet for UK banking loginsApps crush internet for UK banking logins
8244 views comments | 19 tweets | 25 linkedin
Telefonica Germany launches Fidor-backed mobile banking serviceTelefonica Germany launches Fidor-backed m...
6368 views comments | 15 tweets | 19 linkedin
hands typing furiouslyHow machine learning can cut costs on tran...
6050 views 0 | 10 tweets | 3 linkedin

Featured job

Find your next job