Emergency fund service and salvation of the world's bail bondsmen, university students and cornered deadbeats Western Union admitted late Sunday that malicious hackers compromised the credit card details of 15,700 customers who had transferred money on their Web site, which was left unprotected while undergoing maintenance, the Associated Press reports.
The company began notifying affected customers via telephone and e-mail over the weekend, and by late Sunday had informed Visa and MasterCard about which accounts had been affected.
No cases of fraud have yet been reported (give it time, lads), and Visa and MasterCard have begun monitoring affected customer accounts for unusual activity, the wire service quoted Western Union spokesman Peter Ziverts as saying.
Online money transfers account for an "absolutely minuscule" portion of the company's total transactions, Ziverts noted.
He indicated that the problem was caused by brain-dead sysadmins rather than a basic network flaw. Employees conducting routine maintenance inadvertently left the system unprotected, allowing intruders to waltz in. He added that it was not an inside job, but we'll just wait till the FBI is finished with their investigation before swallowing that one.
Western Union first detected the attack on Friday. The company has since set up a free number in the US for claims and complaints at 1-800-228-6530. ®