MasterCard is not alone. On of the [smaller] Canadian banks and Canada Post had similar issues and yes, reply was also in a style "We have looked into the matter and there was not a risk to our systems". It seems that Canada Post fixed that eventually, while the bank fixed it ... and then re-introduced it recently again.