Banks block thousands of cards
Fraudsters hacked Spanish ATMs for accounts and PINs
Posted: November 25, 2009
By Stephan Delbos - Staff Writer | Comments (1) | Post comment
Courtesy Photo
Raiffeisenbank said it will issue clients new cards, and customers will not be responsible for stolen funds.
Clients of four major Czech banks could find their accounts blocked at their next visit to the ATM as a result of the largest bank-card security breach in Czech history.
ČSOB, Raiffeisenbank, Česká spořitelna and Volksbank CZ have begun blocking thousands of bank cards for customers who made transactions in Spain in spring and summer this year after it was reported that fraudsters had stolen information necessary to access these accounts, including account numbers and pin codes. Approximately 100,000 accounts in the Czech Republic could be affected by the blockages, according to the Bank Card Association.
"In the spring and summer months this year in Spain, there was a relatively extensive data leakage concerning payment cards, probably from a system processor such as an ATM," said Roman Kotlán of the Czech Bank Card Association. "There have been reports of the misuse of stolen data to manufacture counterfeits and make payments to merchants in different parts of the world."
Banks will be notifying affected customers over the next days if their accounts have been blocked and will then replace their bank cards at no cost, said Tomáš Kofroň, a spokesman for Raiffeisenbank. According to Kofroň, the bank has blocked hundreds of cards and is now dealing with fewer than 10 clients who have been "more significantly affected," but clients will not be responsible for stolen funds.
"The whole process of blocking the account and re-issuing a new card will take about a week," he said.
Thieves are alleged to have hacked ATM systems in Spain with software that allowed them to record the pin code and account number of cards entered on the machines, thus allowing them to make reproductions of the card or simply use the information to make purchases elsewhere. Kofroň said the fault of the security breach seems to rest with Spanish ATM companies rather than Czech banks. As a result, the bank is not planning any significant changes in the way it approaches card security, he said.
"These cases happen a couple of times a year, but this is big because it happened in Spain, where many Czech tourists travel," Kofroň said. "Usually, these cases take place in Asia and Ukraine, which host fewer Czech visitors. So, usually, we don't hear so much about them."
Others are less blasé about the implications of the security breach, however. Filip Pospíšil, of Iuridium Remedium, a group that monitors the way companies collect and handle clients' personal information, said data protection and identity theft are serious problems throughout Europe and must be more fully addressed.
"A situation like this one affects people's privacy, not just their financial interests or the interests of the banks," he said. "This is a problem throughout Europe, however, and not just in the Czech Republic."
The Czech banks that have been affected by the fraud have been quick to assure their customers their funds are not at risk. Pavla Langová, a spokeswoman for Česká spořitelna, said the blocking of ATM cards "is not unique."
"Monitoring and preventive blocking is one of the standard security measures linked to payment cards," she said.
Kotlán echoed this, calling the fraud more of an inconvenience for Czech clients than a serious threat to their financial well-being or an indicator of a lack of security among Czech banks.
"The only thing that can threaten clients is possible temporary restrictions on the use of their cards, coupled with the need to exchange them," he said.
Stephan Delbos can be reached at
sdelbos@praguepost.com
| 
-6°C Prague, Overcast
Recent comments
All comments (1)