[Dataloss] Montgomery Ward didn't tell consumers about credit card hack
hbrown at knology.net
Mon Jun 30 19:37:05 UTC 2008
Follow up with some interesting ADDITIONAL Details...
Milgrom said Direct Marketing Services immediately informed its payment
processor and Visa and MasterCard. Then, Milgrom said, Direct Marketing
Services closely followed a set of guidelines, issued by Visa, on how to
respond to a security breach. That included a report to the U.S. Secret
Service. He said he believed by the end of December that Direct
Marketing Services had met its obligations.
After being asked about those laws by The Associated Press, Milgrom said
Direct Marketing Services now plans to contact consumers.
Along with the card numbers, their three-digit "security codes" and
expiration dates, the thieves had the cardholders' names, addresses and
phone numbers. The data had been organized in the same way, indicating
the numbers likely came from the same database. CardCops' president, Dan
Clements, also noticed that the vast majority of the cardholders were
women, a clue that the records came from a merchant catering to a
It is not clear to Clements, though, whether the hackers were inflating
their claim when they offered 200,000 records or whether Milgrom's
number of 51,000 is accurate.
Links to the 44 state notification laws:
-------- Original Message --------
Subject: [Dataloss] Montgomery Ward didn't tell consumers about credit
From: lyger <lyger at attrition.org>
To: dataloss at attrition.org
Date: 6/27/2008 5:55 PM
More information about the Dataloss