April 19, 2024
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – Emotet Botnet Is Back, Resumes Activity Across Servers around the World
August 26, 2019Rewterz Threat Alert – Attackers are targeting vulnerable Fortigate and Pulse Secure SSL VPNs
August 26, 2019Rewterz Threat Alert – Emotet Botnet Is Back, Resumes Activity Across Servers around the World
August 26, 2019Rewterz Threat Alert – Attackers are targeting vulnerable Fortigate and Pulse Secure SSL VPNs
August 26, 2019
Severity
High
Analysis Summary
Mastercard disclosed a data breach to the German and Belgian Data Protection Authorities (DPA) involving customer data from the company’s Priceless Specials loyalty program.
The data was made available on the Internet, with customers’ names, payment card numbers, email addresses, home addresses, phone numbers, gender, and dates of birth being included in the leaked info.
Mastercard says that “the incident is limited to the Specials program” and that the only payment card information leaked were the numbers of payment cards.
After the data leak was discovered, Mastercard suspended the German Priceless Specials and took down its website, leaving up only a message saying that “This issue has no connection to MasterCard’s payment network.”
Breach discovered after data was leaked
The breach was discovered after the loyalty program data was released on the Internet on August 19 says Mastercard.
Based on the facts known at this time, the following personal information is affected: payment card number, title, name, date of birth, gender, mailing address, e-mail address and telephone number and the time of first registration with Priceless Specials. Neither access data nor passwords were published. The expiration date of payment cards and the check digit (CVC) were also not published.
Impact
Exposure of sensitive information
Affected Vendors
Master Card