Credit card information from about 6,000 people was sold on the dark web after The City of St. John discovered that it’s parking system had been hacked with a malware that collected credit card information for the previous 18 months from those paying parking tickets.
Ryan Wilk, VP of Customer Success at NuData Security:
“Once data has been stolen, it’s used in a number of ways, including account takeover and identity fraud. More recently, we’ve seen a change in the value of stolen data as more and more intuitions are implementing user authentication solutions that render stolen data valueless. The loss of credit card data is a worry for everyone. The data lost has the potential to be lucrative in the hands of cybercriminals, who can use the card number and CVC to accurately mimic the legitimate customer in order to make fraudulent purchases, or facilitate further cybercrime. By using security layers with behavioural analytics and passive biometrics, businesses can look across multiple aspects of the user’s interaction, instead of relying solely on the username, password and other static data which could have been stolen. Such techniques devalue phishing attacks and other techniques to extract data from legitimate consumers, as this is not enough to access a victim’s account or make illegitimate purchases. Additionally, it creates a dynamic and intelligent authentication solution that is seamless, frictionless, and un-obtrusive to end users.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.