Tourism Data Hack Leads Greek Banks To Cancel Thousands Of Their Cards

All four of Greece’s main banking institutions enacted security protocols after a data breach, and consequently cancelled 15,000 consumer cards, according to reports. After consumer information was compromised on a tourist website, Alpha Bank, Piraeus Bank, Eurobank and the National Bank of Greece each cancelled their credit and debit cards for customers.

Via a joint statement, the banks acknowledged that a relatively small number of users had been falsely charged with improper financial transactions. As a result, any banking card used on the travel portal was cancelled, and to be replaced.

A Greek newspaper reported that the banks are all involved in a continuing investigation to determine how the hack happened. It is anticipated to be completed at the end of March.

A key source of the inquiry is whether or not the tourist website follows the Payment Card Industry Data Security Standards (PCI DSS). The travel site lets customers purchase transportation of all kinds, plus hotel reservations and insurance. Major credit card companies, such as Visa and Mastercard, are also involved in the investigation. If the website is fully compliant with PCI DSS, then investigators will examine other potential causes of the breach.

Athens, Greece houses the European Union Agency for Cybersecurity (ENISA), designated to help EU member countries improve their identification and responses regarding the ongoing threat of cyberattacks and data compromises resulting from cybercrime.

Greece’s banks are no strangers to challenges. Last year, they were raided in conjunction with an investigation into potential unfair collaboration between the institutions, reports said.