| Page 2 of 2 < |
40 Million Credit Card Numbers Hacked
|
TOOLBOX
   Resize
COMMENT
 Discussion Policy
 CLOSE
Comments that include profanity or personal attacks or other inappropriate comments or material will be removed from the site. Additionally, entries that are unsigned or contain "signatures" by someone other than the actual author will be removed. Finally, we will take steps to block users who violate any of our posting standards, terms of use or privacy policies or any other policies governing this site. Please review the full rules governing commentaries and discussions. You are fully responsible for the content that you post.
Who's Blogging  |
In a written statement, CardSystems said it discovered the breach on May 22 and notified the FBI the next day.
"We are sparing no effort to get to the bottom of this matter," the statement said.
Bentz said Visa did not announce the breach, which it learned about in the past two weeks, because "we have an agreement with the FBI that we do not make an announcement in the middle of an investigation . . . and we hope MasterCard's jumping the gun does not do anything to jeopardize the investigation."
An FBI spokesman declined to comment other than to confirm that the agency is working on the case.
The breach is the latest in a spate of such announcements from a variety of organizations, including banks and companies that buy and sell personal data, universities and government agencies. In some cases information was lost, in others stolen, but the breaches have put identity theft atop the list of priorities for several members of Congress. Many of the cases involved Social Security numbers.
"Hardly a week goes by without startling new examples of breaches of sensitive personal data reminding us how important it is to pass a comprehensive identity theft prevention bill in Congress quickly," Sen. Charles E. Schumer (D-N.Y.) said in a news release.
Peirez said MasterCard supports extending data security laws that apply to financial institutions to any entity that handles consumer information, such as transaction processors and data brokers.
MasterCard also supports a national law requiring that consumers be notified when their information is breached and there is significant risk of identity theft.
But Dan Clements, chief executive of CardCops.com Inc., a privacy protection organization, said financial institutions lack any incentive to take more responsibility for the problem.
Not only do credit card companies and banks that issue cards bear no losses for fraudulent purchases, but banks charge merchants for reversing unauthorized charges.
"It's a revenue stream for them," Clements said.
