Cybercrime: A fast growing risk for Purchasing Card programs

A recent New York Times story reported that a Russian crime ring has amassed the largest known collection of stolen Internet credentials, including 1.2 billion user name and password combinations and more than 500 million email addresses, security researchers say.

The records included confidential material gathered from 420,000 websites, including household names, and small Internet sites.  Most of the companies affected didn’t even know they were hacked, and the security firm that discovered the theft indicated “most of these sites are still vulnerable”.

The scope of these events makes it more critical that organizations take proactive measures as part of their card programs, including:

  • Educate employees and modify card policy around about safe commerce practices and secure website identification/use.
  • Enhanced vetting of suppliers by purchasing organizations for frequently visited ecommerce sites used for order placements (e.g. for “ghost” accounts).
  • Enforce requirements for frequent and monthly transaction review and reconciliation by users.
  • Use of continuous monitoring software or reporting to spot transaction anomalies quickly.

Ongoing vigilance like never before is a key countermeasure.

Leave a Reply

Your email address will not be published. Required fields are marked *


You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>


(T) 508.878.5570

Email Us


loading Loading

    • " I highly recommend Alan's consulting, internal audit and management capabilities!  He was innovative, results focused, generated meaningful improvements, and a valuable resource that worked well with all parties.   It was a pleasure working with him."        

      — Chief Financial Officer & Treasurer, decentralized services company

    • “Alan worked for our company providing an audit of our department. His participative, non-threatening approach during the interview process, along with his thoroughness, resulted in a successful compilation of data that enabled a list of audit recommendations that were value added and meaningful." Top qualities: Personable, Expert, High Integrity

      — Director of Purchasing, fast growing services company

    • “Alan has performed many consulting reviews for (us)..., including risk assessments, compliance auditing, and program reviews. He has always come through with the expectations of our contract, and I gladly look to Alan for future assistance. He is a true professional! " Top qualities: Great Results, High Integrity, Creative

      — Associate Vice President & Director, Audit Services of leading higher education organization

Twitter: Follow Us