07 December 2016
Visit aciworldwide.com

Full extent of FIS data breach comes to light

04 June 2013  |  14020 views  |  0 safelock

A 2011 cyber attack on FIS was far more serious than initially reported, according to a Federal Deposit Insurance Corp (FDIC) investigation which also raises questions about the vendor's security practices.

In May 2011 FIS revealed it had taken a $13 million hit in connection with its Sunrise pre-paid card platform. The loss "related to unauthorised activities involving one client and 22 prepaid card accounts" and the company also identified 7170 pre-paid accounts that may have been at risk.

According to security blogger Brian Krebs, the crooks upped the limits on the pre-paid cards, cloned them and then withdrew the $13 million from ATMs around the world.

Now Krebs has obtained a copy of the FDIC report on the breach sent out to hundreds of FIS customer banks earlier this month. It reveals that the intrusion was not confined to the Sunrise pre-paid card platform and that "experts identified over 2000 touch points that indicated a broad exposure of internal FIS systems and client related data".

Continues the report: "These systems include, but are not limited to, the The New York Currency Exchange ATM network, prime core application systems, and various Internet banking, ACH, and wire transfer systems. These touch points also indicated approximately 100 client financial institutions, which appear to have had sensitive data exposed by the attackers."

FIS has told Krebs that no clients lost any money as a result of the breach and that it has invested around $100 million over the last two years strengthening its information security and risk position.

Read the full Krebs blog post here

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related company news

 

Related blogs

Create a blog about this story (membership required)
http://www.financialcrimerisk.fiserv.com/aml?r=finextraVisit aciworldwide.comVisit capgemini.com

Who is commenting?

A Finextra member Finextra Member Commented on: Payments regulator blo...
A Finextra member Finextra Member Commented on: AML Transaction Monito...
A Finextra member Finextra Member Commented on: Payments regulator blo...

Top topics

Most viewed Most shared
Guesswork alone can crack Visa card security - Newcastle UniversityGuesswork alone can crack Visa card securi...
7302 views 12 comments | 15 tweets | 26 linkedin
OCC to offer fintech firms bank charter statusOCC to offer fintech firms bank charter st...
6669 views comments | 25 tweets | 15 linkedin
China tops world fintech rankingsChina tops world fintech rankings
6411 views comments | 34 tweets | 29 linkedin
Amazon signs up tech firms to financial services cloud programmeAmazon signs up tech firms to financial se...
6147 views comments | 14 tweets | 15 linkedin
Fed Governor sounds warning on alternative credit scoring dataFed Governor sounds warning on alternative...
5714 views comments | 15 tweets | 16 linkedin

Featured job

Find your next job