Visa investigates European card breach

Visa has revealed that it is investigating a possible security breach at one of its European payment processors.

The credit card company did not disclose which countries were affected, but state-owned Romanian bank CEC has already been forced to block and reissue 17,000 cards after suspicions were raised that they may have been compromised.

"The bank has been informed that a number of cards issued by banks in Romania and abroad have been potentially compromised through an international database. CEC Bank has decided to block the cards and reissue a new card and PIN, at no cost, for a number of cards in its portfolio," CEC Bank said in a statement.

"This attack did not target CEC Bank's cards alone and was not due to any bank vulnerability. Our clients' money is safe."

Visa issued a brief message to say that it is looking into the case.

"Visa Europe has been informed of a potential data security breach at a European processor and an investigation is underway. We are working closely with our member banks to ensure cardholders are protected," it said.

The Romanian Association of Banks, meanwhile, revealed that several banks had been advised of a possible security breach at a European payment processor, and urged any customers suspicious that their card details may have been compromised to contact their bank for clarification.

Earlier this month Trend Micro warned that a design flaw in the 3D Secure protocol could allow cyber criminals to carry out identity fraud on some Visa cards.

The security vendor's EMEA director of security research, Rik Ferguson, said that his card provider's implementation of Verified by Visa's password reset page asks for information which is either on the card itself or easy to obtain from the internet.