PIN Scandal 'Worst Hack Ever'; Citibank Only The Start
The scam has hit national banks like Bank of America, Wells Fargo, and Washington Mutual, as well as smaller banks, all of which have reissued debit cards in recent weeks, says a Gartner research vice president.
The unfolding debit card scam that rocked Citibank this week is far from over, an analyst said Thursday as she called this first-time-ever mass theft of PINs "the worst consumer scam to date."
But Citibank is only the tip of the iceberg, said Avivah Litan, a Gartner research vice president. The scam -- and scandal -- has hit national banks like Bank of America, Wells Fargo, and Washington Mutual, as well as smaller banks, including ones in Oregon, Ohio, and Pennsylvania, all of which have re-issued debit cards in recent weeks.
"This is the worst hack ever," Litan maintained. "It's significant because not only is it a really wide-spread breach, but it affects debit cards, which everyone thought were immune to these kinds of things."
Unlike credit cards, debit cards offer an additional level of security: the password-like Personal Identification Number, or PIN.
"That's the irony, the PIN was supposed to make debit cards secure," Litan said. "Up until this breach, everyone thought ATMS and PINs could never be compromised."
Litan's sources in the financial industry have told her that thieves hacked into a as-yet-unknown system, and made off with data stored on debit cards' magnetic stripes, the associated "PIN blocks," or encrypted PIN data, and the key for that encrypted data.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.