Data Breach Ripples: Week of March 06

Posted by Zach Walker on Mar 6, 2015 1:30:00 PM
Find me on:


In this week's issue: a data breach was announced affecting Mandarin Hotels, MasterCard backs Samsung Pay following the Mobile World Congress, several finanical institutions are starting to see a rise in fraud related to Apple Pay, a Canadian ISP suffers a data breach and in the latest Rippleshot blog post, we dive into the New York State Department of Financial Services latest report on cyber security in the insurance sector.

Payment Card Data Breach at Mandarin Hotels 

Following inquiries from KrebsOnSecurity regarding patterns of fraudulent activity on cards of hotel guests used at Mandarin Hotels, the company has confirmed that is currently investigating the potential breach. While the company believes that “the breach has only affected credit card data and not any other personal guest data, and credit card security codes have not been compromised,” due to the high profile nature of Mandarin Hotel guests, these cards could fetch a higher price on the underground markets.

The Mandarin Oriental Group has properties nationwide including hotels in Boston, Miami and New York.

MasterCard Backs SamsungPay

Samsung recently announced its acquisition of LoopPay and its new mobile wallet, Samsung Pay. With an expected launch date of Summer 2015 for U.S. consumers, another mobile wallet will enter the payments arena to compete with Apple Pay and Google Wallet.

Following the Mobile World Congress held earlier this week, MasterCard announced in a press release that it will be working with the technology company to enable MasterCard cardholders to make purchases with Samsung Pay using the yet to be released Samsung Galaxy S6.

As more details become available, be sure to check back on our blog and Twitter account for the latest updates.

Is Fraud Running Rampant on Apple Pay?

As Apple Pay approaches its 6 month anniversary since the mobile payment service’s initial release, the consensus on Apple Pay’s effectiveness and impact on stopping fraud is still not in. In an aticle written by The Guardian, it appears that Apple Pay is being used by fraudsters to make fraudulent transaction due to stolen payment card details and stolen identities.

According to the sources with knowledge of the issue, fraudsters are using an exploit to add stolen credit & debit cards to their iPhones. It appears that some card issuing banks and credit unions are verifying the stolen payment cards before they are added in Apple Pay’s wallet.

Hackers Breach Canadian ISP, Rogers Communications

A Canadian Internet Services Provider (ISP), Rogers Communications, confirmed that sensitive company data and that of its customers was compromised. Rogers Communications believe the security incident occurred due to a successful social engineering attack on one of its employees. According to a spokeswoman for Rogers Communications, Patricia Trott, a cyber criminal gained access to a employee's work email, exposing dozens of contracts for telecommunication services as well as email correspondence from said employee.

Rippleshot Content: NY DFS Report on Cyber Security In Insurance Sector 

In February, the New York State Department of Financial Services (DFS) released a report on cyber security in the Insurance sector, shining light on an industry that has recently seen the nation’s second largest insurer suffer a massive data breach. We here at Rippleshot read through the DFS report and recapped some of the key trends and takeaways that insurers are experiencing in 2015 in our latest blog post

Thanks for reading this week’s newsletter. If you missed the last Data Breach Ripples email or want to share these with friends or colleagues, click HERE!


 New Call-to-action


Topics: Data Breach Ripples