Western Union, Englewood, CO, discovered recently that customer credit and debit card data had been accessed by a hacker who found part of its Web site unprotected. The site was accidentally left unprotected by Western Union systems employees who had performed maintenance on it before the break-in.
“When we realized what happened, our first focus was protecting our customers,” said company spokesman Peter Ziverts. “We began contacting them Saturday by telephone, e-mail and Mailgram.”
While customers were being alerted, Western Union disabled its Web site and launched an investigation, Ziverts said.
On Sept. 10, the affected credit and debit card numbers were transmitted to the appropriate financial institutions to alert them to the possibility of credit card fraud. Visa International and MasterCard International are monitoring all the accounts in question for fraudulent activity, Ziverts said.
He added that a maximum of 15,700 account numbers were stolen but declined to release the number of names on the Western Union online database.
At press time, the hacker had not been identified, and no cases of credit card fraud had been reported.
Before the break-in, Western Union planned an official launch of its Web site this month. Ziverts said that as a result of the hacking, the official launch will be pushed back.
“We believe that this still is and will be a very viable business for us,” Ziverts added.
Western Union, a money transfer and electronic payment company, is a unit of First Data Corp., Atlanta, which provides debit, credit and merchant transaction processing services.
