I received a couple emails in the last few weeks from CheckFree customers that had read my postings about the Fiserv DNS hack. One such email, whose name I'll leave out to respect his privacy, expressed concern that there was more to this than CheckFree was letting on. He wrote... ..."It is my belief that there was more to this hack that checkfree is 'fessing up too (I am writing you because you alluded to how much worse the attack could have been in your blog post). When I spoke with the checkfree folks, they assured me the only thing that would have happened was I would have been redirected to a blank screen. If the process was different, I would have noticed. Do you have any suggestions as to how I might find others who may have had the experience I had?"
To which I responded:
"First, sorry to hear about your experience with CheckFree. Second, thanks for following the PIN Debit Blog. Unfortunately, I am not aware of any methods to identify other victims of the recent CheckFree hack.
I do agree, (with you) that there is probably more than meets the eye,in terms of the fallout of the hack. Some of these sites like CheckFree are a window to hundreds of financial institutions, protected by a single username and password. I'm surprised no one has raised the question of whether or not the financial information — which presumably has to be stored for record keeping purposes — might have been compromised.
If I hear of anything that might be of help to you, I certainly forward it. In the meantime, your best bet is to work directly with CheckFree. My understanding is that some malware may have been uploaded to your PC, so stay alert and keep an eye on your personal accounts..
Now it seems that he was right about them not totally "fessing up" because today, CheckFree warned 5 million customers to be on alert.
Here's the story from Robert McMillan from ComputerWorld.
CheckFree Corp. and some of the banks that use its electronic bill payment service are notifying more than 5 million customers that criminals took control of several of the company's Internet domains and redirected customer traffic to a malicious Web site hosted in the Ukraine.
The Dec. 2 attack was widely publicized shortly after it occurred, but in a notice filed with the New Hampshire Attorney General, CheckFree disclosed that it was warning many more customers than previously thought.
That's because CheckFree is not only notifying users of its own CheckFree.com Web site of the breach, it is also working with banks to contact people who tried to pay bills from banks that use the CheckFree bill payment service.
"The 5 million people who were notified about the CheckFree redirection were a combination of two groups," said Melanie Tolley, vice president of communications at CheckFree's parent company, Fiserv Inc., in a statement. "1.) those who we were able to identify who had attempted to pay bills from our client's bill pay sites and minus those who actually completed sessions on our site, and 2.) anyone enrolled in mycheckfree.com."
Tolley wouldn't say what banks were affected by the hack... (continue reading at ComputerWorld)
![Reblog this post [with Zemanta]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_t7dfLkgOT3JmhCEFZDE1EPFL3KexZsWRtSsNZZRTy7k1T_Yxj0doEiBeYcOQHdtRhYIK9PiMd2dkQZxJtk2ayLIBYhiq4kL0nYAATLZ8X5GQfvLVwib09lJQfzQgK7PFmTWyoGJy12-IcoPmkTQE0=s0-d)
