American Express has replaced 200 Australian-owned credit cards whose personal details, such as names and addresses, were exposed over the internet last year.
Details have only now been released on the largest credit card heist in internet history, which in January 1999 saw vulnerable details of over 485,000 American Express, Visa and MasterCard credit cards stolen from an undisclosed US ecommerce website.
A spokesperson for American Express's Australian operation said the credit card company was informed of the crime by US authorities less than four weeks ago, about one year since the theft was discovered.
The credit cards of the 200 Australians whose card details were registered on the site were immediately replaced, the spokesperson said.
It is believed the hacker stored the credit card details on a US Government site (also undisclosed) but did not use the card details to extort any money. The crime was not discovered until a web administrator for the site investigated the cause of abnormally high server memory usage and found the stolen data stored on the server controlling the site.
The spokesperson stressed that none of its Australian customers had fallen victim to fraud as a result of the theft.
"If there had been fraud, obviously people would have started looking into it. But because there was no evidence that there was any compromising of (card) numbers at all, it wasn't evident to anyone," the spokesperson stated.
It is believed the US Secret Service has tracked down the hacker from an Eastern European country, and is currently trying to bring the thief to justice.
MasterCard and Visa in Australia could not confirm how many of their locally owned credit card details were exposed over the internet as a result of the crime.