http://www.stripes.com/article.asp?section=104&article=54108
By Charlie Coon
Stars and Stripes
Mideast edition
April 17, 2008
No Community Bank customers lost money when an Internet site they used
to make purchases was attacked by a malicious computer program,
prompting the overseas military bank to cancel 867 Visa banking cards
last week.
The affected customers have been mailed a new bank card, according to
Thomas LaRock, a spokesman with the Defense Finance and Accounting
Service, which oversees the Defense Department.s contract with Bank of
America and its Community Bank subsidiary.
"The bank has made, and continues to make, every effort to directly
contact each of the 867 affected cardholders to inform them of the
incident and notify them that a new card has been issued," LaRock wrote
in an e-mailed response to Stars and Stripes.
Most of the customers were Germany-based, according to DFAS.
According to LaRock, the compromise apparently occurred when a malicious
computer program targeted an online merchant with rapid-fire fake
purchases. Once the purchases were authorized by the merchant, the
perpetrator used the authorizations to trace back the information to the
affected Visa cards.
"Once the [perpetrator] receives a transaction approval, they know they
now have a good number and begin to initiate fraudulent transactions
against the bank account the card is attached to," LaRock wrote.
Larock said that the perpetrator's methods did not directly target
Community Bank, and that fraudulent charges against customer accounts
were canceled. No customer suffered any monetary loss as a result of the
incident, he said.
Another Community Bank branch office employee, also located in Germany,
said on Friday that the targeted merchant was Ranger Joe's, a
Georgia-based online retailer of military and police gear. Ranger Joe's
did not return a phone call seeking comment, and LaRock could not
confirm that it was the source for the card cancellation.
"We are aware that [Ranger Joe's] was the apparent victim of a card
attack," LaRock said. "We have no knowledge whether this is in any way
connected with the fraud actions committed on the impacted Community
Bank cardholders."
Stars and Stripes learned of the problem last week when a soldier
deployed to Jalalabad, Afghanistan, told the newspaper he was unable to
make online purchases from there. The soldier said he called the
Community Bank office in Schweinfurt, Germany, and was told that his
card had been canceled.
Community Bank learned of the problem a day earlier, LaRock said. He
added that the bank did not contact affected customers before canceling
their cards because the cancellations were needed to prevent fraudulent
activity toward the customers. accounts.
-==-
Let identityLoveSock take your personal information into
their wanting hands. http://www.identity-love-sock.com/
Because victims have money too.
Comments