Thousands of Greek cards to be replaced in travel website data breach
Greece’s four systemic banks have canceled or are planning to cancel and replace up to 15,000 credit and debit cards, after the payment card data used by some of their customers on a Greek online tourist services portal was hacked.
Alpha Bank, Piraeus Bank, Eurobank and the National Bank of Greece said that although the number of customers charged with transactions they never made totaled only a few dozen cases, they decided to act proactively and gradually replace all the cards that have made even one transaction on that website in the past.
The ongoing inquiry, which is expected to be completed at the end of March, is focusing on whether the website – which books airline and ferry tickets, hotels, cars and travel insurance – adheres to the Payment Card Industry Data Security Standards (PCI DSS).
If it fully complies to the standards, then the investigation will seek to clarify how the leak occurred.
The banks also said they have already informed the Bank of Greece, as well as Visa and MasterCard, which have begun investigating the breach.
Bank executives said that the immediate activation of security methods will keep whatever costs they incur “manageable.”