One bank has confirmed fraud on some of the credit-cards whose details were stolen in the theft of up to 60,000 customers records from Bottle Domains. And another has confirmed it is watching a list of card accounts at risk, a list sent to it by the Australian Federal Police.
Up to 60,000 cards could be on the list, because that's the number of customer records claimed to have been stolen from Bottle Domains earlier this year.
As recently reported by eCommerce Report, the alleged thief offered the file of customer records for sale on a hackers web-site.
An AFP spokeswoman confirmed that a 22 year old Perth man was arrested soon after the postings to the website. He appeared in the Perth magistrates court on 10 February charged with dishonestly dealing in personal financial information.
Despite clear evidence that the theft involved a major breach of credit-card security, Bottle Domains customers haven't yet been told their credit-card details have been stolen.
Arguably, they don't need to be because domain name industry regulator - au Domain Administration Ltd (AuDA) sent an email to all Bottle Customers informing them of the security breach. And the email warning included a warning to Bottle Customers to keep a watch on their credit-card accounts.
Both the Commonwealth and NAB have confirmed they've recently been sent lists of the card accounts at risk.
NAB issued a statement to eCommerce Report confirming that a small number of the cards involved had already been hit by fraud.
Commonwealth Bank also confirmed receiving a list of card accounts at risk.
The merchant involved, Bottle Domains, one of Nick Bolton's Australian Style companies, claims to have been compliant with the latest PCIDSS card security standard.
(Bolton is the investor seeking to wind up BrisConnections and avoid having to pay a substantial capital call on the partly paid shares).
eCommerce Report