back to article RBS WorldPay breach exposes 1.5 million

RBS WorldPay belatedly admitted last week that hackers broke into its systems. The attack against the electronic payment services firm leaves to to 1.5 million payroll and gift card holders in the US at risk of fraud. Up to 1.1 million social security records were also exposed as a result of the breach. The affected pre-paid …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Flame

    Is this the same RBS...

    whose server full of processed creditcard applications (ie credit card numbers, security details, etc) was flogged on eBay earlier in the year?

    Who is going to be held responsible?

  2. Ted Treen
    Flame

    I just wondered...

    Have RBS, or indeed, any of the major international banks, any track record in organising festivities in a place of ale-production?

  3. Douglas Wright
    Paris Hilton

    English. Do you speak it?

    Payroll card? WTF is one of those then?

    Don't forget RBS has been owned by the UK government since October - so that's another 1.5 million people's data it just lost...

    Paris, since she's had her data nicked already.

  4. Anonymous Coward
    Coat

    It's nice to see.....

    ...that so quickly after Nationalising RBS, the Govenment has already managed to drive information security around personal records to the same level as the rest of the Civil Service. :-/

    Mine's the one with the "voluntary and patriotic" ID card in the pocket....

  5. This post has been deleted by its author

  6. Anonymous Coward
    Anonymous Coward

    WorldPay leaks

    I had to do a Worldpay integration think a few years ago. It was painful and expensive. Some time later, I started getting spam from a Worldpay competitor to the email address that I had only used for setting up the WP account. My guess was that a rogue IT person had left and taken the list with them. The most depressing bit is that I told them what had happened but they didn't care.

    Sadly they still have a near monopoly at what they do.

  7. Anonymous Coward
    Thumb Up

    All our databases are belong to us

    LOL

    Bring on the fail, it's hilarious!

    So few companies, so much data, so little time!

  8. Anonymous Coward
    Flame

    Yes it's the same RBS as

    http://www.theregister.co.uk/2008/08/28/data_bank_details/

    So, exactly who inside RBS management *is* going to be held responsible?

  9. Anonymous Coward
    Black Helicopters

    RBS normal process

    when things go wrong at RBS the first thing they do is to form a committee whose job it is to find someone to blame BEFORE things get fixed! the place is riddled with a cover-your-arse mentality coupled with a blame culture. With very little reward for achieving anything, it's not surprising that staff don't rush to fix stuff.

    posted a/c for obvious reasons!

  10. Anonymous Coward
    Alien

    PCI DSS compliance?

    The security breach was at the US division of Worldpay, I think this is different from the normal http://www.worldpay.com we use in Europe?

    But! looking at the latest PCI compliance list - http://tinyurl.com/7s69ex - I see the likes of Netbanx and Protx listed but Worldpay is absent? Does this mean the European processor isn't even PCI compliant?! I thought they had to be compliant or do they get a special exclusion from Gordy Brown?

  11. Pali Gap

    PCI DSS compliance - NOT

    WorldPay are NOT PCI DSS compliant!!

    "The Royal Bank of Scotland Group (RBS) takes data security and compliance with its many legal and regulatory obligations extremely seriously. The WorldPay payment systems are located in RBS Data Centres that comply with the stringent policies and procedures of RBS and have been designed to the highest standards that the Bank’s regulators and legislators expect.

    As you may be aware, WorldPay has been involved in a major project to replace the existing system and migrate to a new and enhanced platform. As part of this project, all work necessary to comply with the PCI DSS rules is therefore being directed at the new system and as a result WorldPay will remain 'In Progress' for PCI DSS compliance until work on the new system and migration of customers is complete.

    RBS maintains in regular and open dialogue with both VISA and MasterCard, sharing progress reports and updating plans, ensuring, as the enforcers of Scheme regulations, that they are up to date and aware of the project’s developing position towards compliance and endorsing of our plans."

This topic is closed for new posts.

Other stories you might like