As Cyber War Heats Up, Hacktivists Post MasterCard Numbers Online

Source: Raw Story

As cyber war heats up, hacktivists post MasterCard numbers online

By Daniel Tencer
Wednesday, December 8th, 2010 -- 8:30 pm

Operation Payback, the hacktivist group taking revenge on groups and individuals seen as enemies of WikiLeaks, has published a list of what it says are 10,000 MasterCard credit card numbers. The anonymous hackers earlier in the day attacked the websites of both MasterCard and Visa, in retaliation for the companies' freezing of WikiLeaks' account.

"To the people of the industrial world, dismiss your MasterCard now!" the group declared on a Twitter account that has since been taken down.

The list includes what appear to be card numbers, as well as expiry dates. However, the names of the card-holders are not included.

The numbers were posted to a file-sharing site that has evidently since taken them down. Raw Story has obtained a copy of the list, but has decided not to publish it for privacy reasons.

Read more: http://www.rawstory.com/rs/2010/12/cyber-war-heats-hacktivists-post-mastercard-numbers-online/

Identity theft is no laughing matter.

Hunt them down and put them in prison.

You appoint somebody as your agent, you expect them to protect your information.

Would it be better to not say anything and let it happen repeatedly like Bank of America.

Upholding criminal activity.

Let me put it to you this way so its a GD sensitive issue for me. I was a victim of some little azzwipe stealing a CC number.

I spent a lot of money and time to correct it. He got jail time.

No computer and or server is 100% secure. They might be though if we didn't have to worry about

little azzwipes like these guys.

"Go away, we don't want to know about it."

Then you are supposed to be sympathetic when they get hacked?

All this does is hurt innocent people who hold the cards.

They are the ones left with the mess to clean up.

rather than the customer, I cut my cards up. I can't help the sheep.

Back in the real world some of us them from time to time.

who gives a shit, right?

They are not really hurting the owners and stockholders of Master Card itself but the individuals who they have now exposed to fraudulent use of their credit card.

Yes the company was wrong to not have that information more secure but it doesn't negate the damage done to innocent people. They are the ones hurt by this not the suits. They could care less. They get an extra 50 bucks out of it because even if you are able to prove fraudulant use, you are still responsible for that first 50, even though its not really your charge or your fault.

I'm sure you have plenty to look forward to. Of course, I'm unlikely to look you up and tell you about my latest civil disobedience. Much of which could be considered illegal though it isn't actually, it just pisses off the PTB.

julian did get nice leg out of the deal. Call it what you want, if you are stealing shit you are a criminal. Breaking stuff a scumbag. Now if you are doing something like filming animal abuse or such, good job.

through a Starbucks, though, in Seattle, it's hard not to.

But then, I think I can say any damn thing to you and you won't respond, will you? You've put me on ignore. Which is hilarious because I've contemplated that same action with you for quite a while but I'm very hesitant to put anyone on ignore - not really looking for this to be an echo chamber. Not so much you, I'm guessing.

Yeah, they shouldn't post 'em, but neither should they be able to get 'em. Crap security for Mastercard.

Caveat emptor.

just a matter of how far they are willing to take it.

God bless them, everyone!

:dem: :kick:

it is not funny any longer. Time to go after these criminals!!!

:kick:

:rofl:

However, a list of numbers and expiry dates alone, offers not useful information to the wider community, while clearly telegraphing that the publishers of the information ARE in possession of full details and that they have compromised a database somewhere. And having published the info, they have pretty much rendered the portion they did not publish useless for nefarious purposes since those numbers will (or should) now go under special scrutiny for fraudluent transactions and presumeably new cards & numbers will be quickly issued.

As it stands, this is a case of: "Look at what we DID do. Now think about what we COULD have done."

Yes this is almost certainly illegal, but it does not necessarily have to be immoral. If all that is ever done with the information stolen is tweak the noses of those it was taken from, my concern is not great.


Odds are that the list was obtained by compromising a merchant somewhere. However, the spin being given the story, is that the list came from actual Mastercard servers. AND if that proves to be the case there are a lot of soiled underpants in Wall Street right now. If Mastercard's main servers have been compromised, there is no telling who else might have had their files riffled through. AND no telling what might next appear on Wikileaks.

Think about the financial damage that could be done simply by slamming a whole raft of fraudulent transactions onto compromised cards and THEN announcing what had been done. Since Mastercard itself would have been the point of intrusion, they would have one hell of a time dropping losses onto the vendors as is the usual case with CC fraud.

Even more fun from a let's make them soil themselves point of view (if MC's servers were truly compromised) would be to simply start making exactly the same $1 (pick your arbitrary amount) transaction on cards in numerical order until someone or some algorithm caught on.

site.

If they hacked into MC's computers and fouled up the accounting and such they would probably win supporters, but posting credit card numbers is NOT a "Robin Hood" move.

Have a link?

Big difference!

This is lunacy.

back when I had the energy.

Nevertheless, it is an aggravation that I do not need.

don't sweat it.

of finding out. Answering would interfere with your fun.

I was just curious whether or not you would provide an honest response.

LOL

Please.

Deception the art of the possible.

It is more in the interest of anti-wikileaks people to post a bogus list and smear Anonymous than it is in Anonymous' interest to post bogus numbers.

Thank you.

we'll see, but it sounds like it to me

to undermine efforts against Visa MC.

Somebody did it to make it look like folks working for the govt did it to undermine efforts against Visa MC.

Or maybe somebody did it to make it look like the government did it to make it look like somebody did it to make it look like folks working for the govt did it to undermine efforts against Visa MC.

Or maybe the government did it to make it look like somebody did it to make it look like the government did it to make it look like somebody did it to make it look like folks working for the govt did it to undermine efforts against Visa MC.

Or maybe somebody did it to make it look like the government did it to make it look like somebody did it to make it look like the government did it to make it look like somebody did it to make it look like folks working for the govt did it to undermine efforts against Visa MC.

Or maybe the government did it to make it look like somebody did it to make it look like the government did it to make it look like somebody did it to make it look like the government did it to make it look like somebody did it to make it look like folks working for the govt did it to undermine efforts against Visa MC.

Yeah, that's probably it! CIA operative Colonel Mustard in the Library with the candlestick did it to make it look like somebody did it to make it look like the government did it to make it look like somebody did it to make it look like the government did it to make it look like somebody did it to make it look like folks working for the govt did it to undermine efforts against Visa MC.

:crazy:

a familiar thing.

Good.

Edit: Fixed typo

To quote a good friend from Port Au prince "you don't know what hasn't got to you yet"

the government and corporate types are stupid enough to bring it down around them.

:evilgrin: :grr: :evilfrown:

All things in time.


"We work in the dark — we do what we can — we give what we have. Our doubt is our passion and our passion is our task. The rest is the madness of art."

this week will be seen as like important and shit.

:(

All this talk about stolen cards, identity theft, etc ignores the fact that the group did not publish the names associated with the numbers. When was the last time you were able to use a MC or Visa without giving the name of the card holder?

I agree, this is over the line and a stupid move as it pisses people off more than makes them cheer for the cause, but it's not as over the line as some here are claiming.

P.S. Raw Story has an update saying MC claims the numbers are fake; Raw Story is unsure if the numbers are real or fake. MC claimed all of the card numbers started with "5" and those aren't MC cards. Raw Story says not all the numbers they have start with 5.

With a $30 encoder and some blank cards with magnetic stripes, I can make a credit card that will work on any POS terminal in the US that has a magnetic stripe reader. I could print whatever name I wanted on the card. That's the whole argument for moving to a smart card technology...

posting personal MasterCard numbers is hurting the people who hold the cards not the company.

She told DU that this had happened and was laughed at and told it was nothing more than anti-Julian propaganda.

they didn't release any real numbers. It has been mentioned with links five or so times upthread.

And if the links are to someone's blog I've never heard of, I'm not convinced they were bogus.

trying to finish up some other things at the same time. I thought they were upthread. Here is a link from SCMagazine

http://www.scmagazineuk.com/mastercard-denies-that-leaked-card-numbers-are-genuine-as-anonymous-groups-ddos-attacks-continue-against-visa-and-paypal/article/192461/

If they had 5s instead of 4s, they were decidedly fake. However, I can see where MasterCard would be denying it all over the map whether they were or not. I know very little about hacking or who these folks are.

they just might be trying to protect themselves. I can think of any number of instances where numbers were put out there and businesses like phone and other utility companies denied their customers were put at risk and later had to admit they were wrong. I got a letter from General Telephone (which no longer exists) saying my number was part of a list that was sold but that my social security number wasn't part of what went out. Then I got another letter a few weeks later that said well, my number MIGHT have been part of what was sold, but hey, if it was, it wasn't General Telephone's fault and not to worry. Who knows who's telling the truth in this instance. It's all too crazy at the moment to sort it all out.

I don't know what the numbers were because I didn't see them. In any case, IF they were real numbers, I can't support that.

to me a few years ago. I agree, though, that releasing real numbers is over the line.

I am NOT saying that those were real #'s - in fact, MC said that they weren't. But the fact they DID start with a 5 doesn't make them decidedly fake.

http://money.howstuffworks.com/personal-finance/debt-management/credit-card1.htm

The first digit in your credit-card number signifies the system:
3 - travel/entertainment cards (such as American Express and Diners Club)
4 - Visa
5 - MasterCard
6 - Discover Card

I saw those posted c/c #'s with my own eyes on Anon's Twitter feed and was trying to warn people the dangers of blind linking - malware, viruses, phishing, child porn, credit card #'s - you don't know what's on the other end of it. There was no indication at the time that these were fake #'s and it is irrelevant to the point I was making about blind links. Whatever.

There are a few people who now feel it necessary to attack me on any and everything I post because I warned DU about blind links. Or because I think it's OK to question someone's motives when they are trying to hurt the US. Or because I don't like people posting links from RW conspiracy theory sites on DU. Or because I am suspicious of hyperbole and lies being used to stir up anti-government hatred. Or because I think DDoS attacks are wrong and know that they are criminal. It's fine, I can take it - but thanks! :)

All these hacking activities are going to cause an over reaction from the inc republican govt and dont expect the "freedom" loving tea party to oppose it> Please stop the criminal activites now, we have a better chance of winning hearts and mind by using peaceful methods than the criminal method.

posted, and may it be used to rack up charges and may you struggle with it for fucking years.

loser kids using a bot to force a DDoS. There was no real hacking involved. Many well informed DU'ers, who swore I didn't know what I was talking about told me so... :rofl: :rofl: :rofl: