Mastercard informed customers on thursday that their payment card number, with which they had registered with the program, was "possibly" also affected. In the first known lists, the numbers were still unrecognizable except for the last four and first two digits.
At least the expiration date and the call number on the back of the card were not part of the data leak. This means that the leaked card numbers cannot be used directly for purchases on the internet, because at least the expiration date is also requested. As far as we know, the two pieces of additional information were not collected during the "priceless" registration process and should not have been included in the database in the first place.
Mastercard pointed out that a service provider that operated the bonus program "suffered a security incident. There is no connection to the mastercard payment network.
But there is still the danger that online criminals can use the information that has come into circulation, such as e-mail, date of birth, cell phone number or address, to send fake e-mails, for example to get hold of your passwords. According to information from industry circles, mastercard has already informed the issuing banks that the group will assume the costs if customers want to exchange their cards after the data leak.