NTA Monitor

Latest News

60% of UK website tests revealed Internet encryption and cross-site scripting vulnerabilities

10th April 2008 60% of web application tests performed for UK organisations showed that their websites contain weak encryption or cross-site scripting (XSS) vulnerabilities Read More

Demilitarised Zone most secure option for BlackBerry device

28th February 2008 Recent BlackBerry testing by IT security consultancy, NTA Monitor, has revealed that organisations are still not configuring these mobile devices correctly Read More

Retailers should put security top of their Christmas list

13th November 2007 With British consumers spending more than £6.6 billion online in the last two months of last year, the 2007 festive season is set to be one of great cheer for online retailers Read More

Businesses warned not to have skeletons in cupboards

13th November 2007 For many organisations, the festive season is an opportunity to heave a corporate sigh of relief and enjoy the brief respite in frenetic business activity as countless people all over the world, go home to celebrate Christmas Read More
Date: 1st June 2006
Risk: Low

Over 4000 MasterCard and Visa holders have had their cards stopped after a security breach with a UK online retailer. Morgan Stanley and Clydesdale Bank customers have been affected; at first it was thought that 2000 cards had been compromised but it has more recently come to light that at least 4000 cardholders are affected.

MasterCard stated: "In order to protect cardholders, MasterCard and its card-issuing banks operate state-of-the-art, multilevel fraud monitoring systems. Together, we look for patterns of activity consistent with fraud. Issuers can then monitor their cardholders' accounts closely for fraudulent activity, and may reissue cards or take other actions if they suspect fraud has occurred." A spokesman for Visa Europe said: "Visa Europe can confirm that it is aware of a suspected data compromise involving a UK-based online merchant. A full investigation is continuing and Visa is working closely with all appropriate organisations to resolve this issue as a matter of urgency." The retailer responsible has not been named.

The Payment Card Industry Data Security Standards (PCI) were created in June 2005 by MasterCard, Visa, American Express, Diners, Discover and JCB to increase the security of websites, so it will be very interesting to see how this issue is dealt with.

References

http://www.silicon.com/financialservices/0,3800010322,39158482,00.htm http://www.computerweekly.com/Articles/Article.aspx?liArticleID=215671&liFlavourID=1 http://news.bbc.co.uk/1/hi/technology/4449759.stm