[Dataloss] More on the BofA card-cancellations

Sharon Besser sbesser at gmail.com
Fri Feb 10 11:51:05 EST 2006 

According to

http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2006/02/10/BUG5HH5N841.DTL
There was a security breach.  Here are some highlights from this
article that also discuss the legal requirements to disclose
information to the public.


".... But well-placed sources within the banking and credit card
industries now tell me that the company in question is a leading
retailer in the office-supply business.

Those sources also place the total number of consumers affected by the
security breach at nearly 200,000.

Washington Mutual confirmed Thursday that it too was involved in the
breach and is replacing customers' debit cards.

Banking industry sources said they were notified last month by Visa
and MasterCard that the computer system of a prominent merchant had
been penetrated by a computer hacker, and that account information for
thousands of customers had been endangered.

Rosetta Jones, a spokeswoman for Visa USA, acknowledged Thursday that
the incident involved a U.S. merchant that "may have experienced a
data security breach resulting in the compromise of Visa card account
information."

Sharon Gamsin, a spokeswoman for MasterCard International, said the
credit card company had been informed of "a potential security breach
at a U.S.-based retailer..... "

---Sharon


-----Original Message-----
From: Chris Walsh [mailto:cwalsh at cwalsh.org]
Sent: Friday, February 10, 2006 7:39 AM
To: dataloss at attrition.org
Subject: [Dataloss] More on the BofA card-cancellations

>From today's American Banker Online
(http://www.americanbanker.com/datasecurityscan.html [paywall]):

Julie Davis, a B of A spokeswoman, told American Banker that to her knowledge
                                                             ^^^^^^^^^^^^^^^^
no major security breach has occurred in recent weeks at a third party that
                                      ^^^^^^^^^^^^^^^
works with B of A, and that the cards that were reissued were likely not
connected to a single event.


"It's part of our normal process to block and reissue cards when there is any
potential for fraud," she said. A group of "customers receiving a letter don't
necessarily indicate that they are from the same incident."
^^^^^^^^^^^

[I underlined certain parts]

Depending on what "recent" means, this *could* be Sam's Club fallout (among
other things).  Of course, unless people actually reveal information, we will
never know, will we?

_______________________________________________
Dataloss mailing list
Dataloss at attrition.org
https://attrition.org/mailman/listinfo/dataloss

More information about the Dataloss mailing list