When Western Union wired customers’ money, hackers transferred their personal deets

Your Feed is from https://www.safeharboroncyber.com/Blog/
CyberWisdom Safe Harbor Commentary on Western Union:
A must read story from theregister.co.uk concludes a hidden breach announcement discovery on Western Union has confirmed that one of its IT vendors was hacked, and that customer information is exposed to gangsters.
A registered reader who wishes to remain anonymous has shown us a copy of the January 31 letter he received from the remittance agency. The rumor acknowledged that a supposedly secure data storage company used by Western Union was damaged: a database filled with records of wire giant accounts was vulnerable to plundering and hackers would soon assume responsibility.
The letter reads: “We found that some of your information may be unauthorized to access because of computer intrusions into an external supplier system used for secure data storage in the Western Union.”
“We immediately moved our external secure storage to another vendor’s system and we immediately notify law enforcement and are actively engaged in the investigation and immediately provide expert assistance to determine which personal information may have been compromised.
In other words, it sounds like a cloud-based or off-site backup storage provider is getting hacked. Now that the system is down, the police are on guard, and the digital forensics team is detecting network intrusion.
Suspicious Activity on Western Union
A spokesman for Western Union told a “registered” reporter today: “After detecting suspicious activity, Western Union permanently suspended all uses of the vendor’s system and took the system offline.
“Western Union immediately took steps to inform law enforcement agencies that the affected individuals and regulators have been notified and affected individuals receive a customized notification of the specific types of personal data that may affect him or her.”
According to the letter, the stored file contains the customer’s contact information, bank name, internal customer ID number of the Western Union, and transaction amount, time and ID number. It emphasizes that credit card data will never be adopted.
El Reg released a revised letter earlier this week:

@WesternUnion has been sending out letters warning of a computer security hack, blaming 3rd party data storage. Which vendor could it be?

12:06 PM – 12 Feb 2018

View pictures on Twitter: registered
@TheRegister
@WesternUnion has been sending letters to warn computer security hackers of accusations of third-party data storage. It may be which supplier?
3:06 PM – February 12, 2018
See other registered tweets
Twitter Ads information and privacy
Red-faced businessmen quickly pointed out that neither their internal payments nor their financial systems were affected in the attack. Nor does it mean that third-party storage providers are the ones who give inconvenient providers of other clients time to check if they are hacked.
Western Union said it has so far not been aware of any fraud caused by data security problems, but it just recruits affected clients for one year in free identity fraud protection just to be on the safe side.
Read More…
Outside storage outfit blamed for data leak blunder Western Union has confirmed one of its IT suppliers was hacked, and that customer information was exposed to miscreants. Engaging post, Read More…
thumbnail courtesy of theregister.co.uk

(adsbygoogle = window.adsbygoogle || []).push({});

If you like to receive more of these curated safe harbor news alerts then subscribe to my mailing list. and come back soon at https://www.safeharboroncyber.com/Blog/ to read further CyberWisdom Safe Harbor Commentaries. Home » Curated SafeHarboronCyber’s CyberWisdom Post
The post When Western Union wired customers’ money, hackers transferred their personal deets appeared first on Safe Harbor on Cyber.