Byte by Bite

Credit card security scandal affects millions

by Marv Dealy

Published June 24, 2005

Well, this ought to make your day. Mastercard International has announced that 40 million credit card accounts were compromised at CardSystems, a company that handles transactions between financial companies and merchants.

In a story at Silicon.com, Joris Evers writes that “The data security breach, possibly the largest to date, happened because intruders were able to exploit software security vulnerabilities to install a rogue program on the network of CardSystems…The program captured credit card data…” (http://software.silicon.com/security/0,39024655,39131314,00.htm)

The bad guys code was only discovered by suspicious investigators following up on atypical reports of fraud from several banks. Mastercard’s probe discovered that CardSystems didn’t destroy records that should have been, and that transaction data saved wasn’t in an encrypted format.

CardSystems said 22 million Visa and 13.9 MasterCard accounts were affected. The remainder were Discover and American Express.

The good news is that while the thugs got away with names, account numbers and verification codes, they didn’t get social security numbers, addresses or dates of birth, all necessary for identify theft.

Cardholders from around the world are affected, with reports of 125,000 cards in Australia, and 140,000 in Japan, where damages as a result of illegal use of credit cards have amounted so far to 7 million yen. (http://www.asahi.com/english/Herald-asahi/TKY200506210125.html)

This breach of security comes on the heals of UPS admitting it “lost” data storage tapes containing personal information for 3.9 million shippers that were being sent to a credit bureau. (http://www.p2preactor.com/article2214-citigroup-ups.html)

You will want to watch your cards’ activity more carefully than ever. Most banks will limit your exposure to maybe $50, but you have to report any transactions that you didn’t make within a limited time, or you’ll end up getting stuck with the bill.

The moral to this next story is learn how to use bcc: in your e-mail.

In a large “woops,” the University of Kansas sent out a group e-mail to 119 students who all failed all their classes. (http://www.usatoday.com/tech/news/2005-06-17-email-failing-students_x.htm) The AP story reports that the school’s Office of Student Financial Aid was where the e-mail originated, and the names of all 119 recipients were displayed for all to see. The office had sent out the bad news e-mail to ask for information from the students to see if they remained eligible for student aid.

One of the students, who actually has a master’s degree and over 200 college credits and who had never failed a course before, made the e-mail list because she’d signed up for one class and had failed it because she’d had to spend time with a daughter who came down with pneumonia.

If the group e-mail had been sent out with each name marked as a bcc: rather than to: then no one would have been able to read the list.

And here’s a surprise - Google, the only gorilla on the search engine block, has announced it has plans to compete with PayPal, the ubiquitous method used to pay for purchases at web sites from eBay to Amazon.com and many in between.

Since 99% of Google’s revenue last year ($3.2 billion, by the way) came from on-line advertising revenue, it does make sense that the company would try to diversify. PayPal, a property of eBay, generated $233 million or a little less than ¼ of eBay’s revenues last year.

Enough of the bad and business news - how about something fun to do on the Internet? We could start by watching traffic jams on the San Francisco Bay Bridge on the CalTrans camera network (don’t try this with a slow dial-up connection). Get on over to the CalTrans camera site at http://video.dot.ca.gov/

You’ll find links to cameras in the Sacramento area, San Francisco-Oakland, Los Angeles, San Diego and other areas. When you click on the link to the camera of your choice your media player should open and the camera will buffer, or send some data to your computer, then the picture should show up. Use your F12 key to increase the picture size to your full screen, and you’ll get quite a picture with traffic rushing to and fro.

In the “Sacramento area” list, you will find a number of cameras at different spots along both Highways 50 and 80, as well as I-5 at Richards and the Capitol City Freeway at E Street.

For the Bay Area, my favorites include Hwy. 80 at Fremont (see all the traffic streaming across the Bay Bridge into San Francisco); another is the Hwy. 80 at the 101 junction (no, I don’t miss driving through that).

Had enough of traffic video cameras? How about we zoom off to Lake Tahoe, where from the top of the Ski Run Marina (http://www.skirunmarina.com/) in lovely South Lake Tahoe we find a web camera we can control. Yes, it’s true, you can pan left and right, up and down, zoom in or out. Get on over to http://www.virtualtahoe.com/Cam.html

You’ll see the camera area in a greyed out square center left on your screen. The slidey bar below the picture pans the camera left or right, while the one to the right pans up and down. The far right slidey bar zooms in and out. To gain control of the camera, click on “Start Control” in the lower right corner of the grey box; you’ll have a few minutes to play then the camera is given over to someone else.

You’ll see some “preset” camera angles in a pull-down menu below the picture; one of these is set to where the Tahoe Queen berths.

On the same web page you’ll see the Tahoe Sky Cam, from high atop Harvey’s Resort and Casino. While you can’t zoom the camera, it’s a view you’ll often see on KCRA’s weather reports.

Zooming right around, off we go to some San Francisco web cams, at http://www.sfgate.com/liveviews/. Here you’ll find a collection of four web cameras, courtesy of KRON TV in San Francisco. The cameras include one from the top of the Transamerica Pyramid (too cool) as well as cameras watching the Bay Bridge Toll Plaza (no, I don’t miss that traffic either), as well as a camera at Potrero and Hwy. 101 and a camera at the south end of the Golden Gate bridge.

Speaking of the Golden Gate bridge, an interesting view can be found at IneTours web site (http://inetours.com/index.htm). At this web site you can “tour” Las Vegas, New York City, San Diego, New Orleans, San Francisco, Wine Country and Yosemite National Park. The web site’s navigation is a bit tricky, but once you find the large panoramic pictures you’ll have a real treat. My favorites are of the Golden Gate Bridge (http://inetours.com/Pages/SFNbrhds/Golden_Gate_Bridge.html) and the view from Coit Tower (http://inetours.com/Pages/SFLndmrkVws/CoitTwr.html). Note that these panoramic vistas aren’t live cams, but are pictures taken and posted for your viewing pleasure. The Coit Tower picture is an incredible 360 degree shot from just north of the monument.

For vistas closer to home, check out all the panoramic pictures of Yosemite at http://inetours.com/Yosemite/Yosemite.html

Now, get on over to your computer and waste some time with all these links. Remember that this column is available online at the UnionDemocrat.com – look for the “Local” section and you’ll see the column is posted every Friday and (here’s the best part) you can just click on the links to visit the site. Knock yourself out.