Social media has been flooded with posts from frustrated customers of the Bank of Maldives (BML) who have reported unauthorised transactions from their credit cards. One user on X recommended, “If you have a Mastercard Credit Card from BML, I suggest using the Freeze Card option on the mobile app & only activating it when needed.” This advice comes as a response to reports of unauthorised purchases that have left many users vulnerable.
If you have a Mastercard Credit Card (CC) from BML, I suggest using the Freeze Card option on the mobile app & only activating it when needed. There's been a data breach involving unauthorized Facebook ad purchases, & BML is already addressing the issue by blocking identified CC.
— Hussain Jinan 🍉 (@profEuLOGist) September 20, 2024
The recent alleged data breach affecting BML Mastercard credit cardholders has resulted in numerous unauthorised transactions, particularly related to Facebook ads.
Another user posted on X, “MVR 11,000 has been stolen from my credit card, and I’m forced to wait for payments to ‘settle’ before I can even dispute the charges. How is this acceptable? @bankofmaldives needs to act faster to protect us from these breaches ugh.” This sentiment reflects the growing frustration amongst cardholders, who feel the bank’s response time in addressing fraudulent charges has been insufficient.
MVR 11,000 has been stolen from my credit card, and I’m forced to wait for payments to ‘settle’ before I can even dispute the charges. How is this acceptable? @bankofmaldives needs to act faster to protect us from these breaches ugh https://t.co/KDhP4xKmSg
— 🇵🇸 🧚🏼♀️ (@anothershifa) September 20, 2024
BML’s Response
Speaking to Corporate Maldives, a representative for the Bank of Maldives (BML) addressed the ongoing concerns about unauthorised transactions, explaining, “This is a case of merchant data compromise, where a merchant’s payment system is breached, leading to the theft of cardholder information by third parties. Such breaches can potentially affect millions of customers globally,”
They further assured customers that all transactions made with BML-issued cards are secured by 3D secure authentication, which validates purchases, prevents unauthorised use, and ensures the highest level of security. “We can confirm that in cases where a merchant is compromised, our customers are fully protected and will not face any financial loss,” the representative claimed.
The Broader Context
The reasons behind these unauthorised transactions are varied, but one of the most common causes is phishing, where individuals are tricked into providing sensitive information like credit card details. Additionally, malware and spyware can capture credit card information during online purchases. Another significant risk comes from breaches within merchant systems, where hackers gain access to customer payment details. In this case, while BML’s systems themselves may not have been directly compromised, the breaches seem to have affected merchants, possibly leading to fraudulent purchases on platforms like Facebook.
The responsibility for preventing such incidents lies with multiple parties. Banks like BML are tasked with monitoring transactions and responding quickly to suspected fraud. Many cardholders have used features like card freezing, but delays in disputing charges, as reflected in customer posts, remain a source of discontent. At the same time, companies like Meta (Facebook’s parent company) also play a crucial role. With numerous reports of fraudulent ad purchases, questions have been raised about Meta’s ability to detect and prevent unauthorised transactions.
Lessons Learned
Consumers, too, have a role in safeguarding their financial data. Avoiding the storage of credit card details on websites, regularly updating passwords, and being cautious of phishing schemes are essential preventive measures. In response to this ongoing issue, one X user has urged others to stay vigilant: “Freeze your cards when not in use. It’s safer than waiting for things to go wrong.”
While BML continues to address the issue by blocking compromised cards and working with international partners, the burden of responsibility is shared across multiple parties—banks, merchants, and consumers. Preventive measures, faster responses to fraud, and stronger security protocols are necessary to protect individuals from further financial harm.
