Western Union Holdings Tuesday continued to assess the damage done last Friday when a malicious hacker's attack caused about 15,700 credit-card and debit-card numbers belonging to customers of the telegram and money-transfer company to be illegally copied off of its Web site.
Peter Ziverts, a spokesman for WesternUnion.com in Colorado, said the attack against the Web site was discovered Saturday during a routine performance audit. The security breach that allowed the attacker or group of attackers to access the credit-card data was caused by a "human error" during some work on the site, he said.
The Web site, which had been upgraded in June to allow users to send money over the Internet, was undergoing "performance management" tasks last week, according to Ziverts. But after the work was done, the employees who did it apparently "left a file unprotected," creating a security hole that could be used to enter the site, he said.
Western Union officials reacted swiftly after learning of the problem, Ziverts said. The company shut down the Web site and immediately began contacting customers directly by telephone and e-mail. It also contacted credit-card companies and the National Bankcard Association to advise them that the numbers had been stolen -- a step that Ziverts said enabled the credit-card issuers to institute "fraud watch" protections.
Even so, he added that an unspecified number of customers were advised to close their existing credit-card accounts and open new ones with different numbers. Only Western Union customers who had used the company's Web site to transfer money over the Internet were affected by the security breach, Ziverts said.
The Web site remained shut today, with the following note posted on its home page: "Our Web site is temporarily out of service. We apologize for any inconvenience."
But Ziverts said WesternUnion.com could be back online before the end of the day after having been upgraded to provide better security and site management capabilities aimed at preventing a repeat break-in. "We believe we have taken very, very aggressive measures to assure the security of the site," he said.