BreachExchange mailing list archives
Debit-card fraud underscores legal loopholes
From: lyger <lyger () attrition org>
Date: Tue, 21 Mar 2006 13:00:42 -0500 (EST)
http://www.securityfocus.com/news/11381 Recent widespread debit-card fraud likely has roots in three major data leaks that occurred in the last six months, two of which have yet to be publicly disclosed by the companies involved. Consumers have noted a large increase in the amount of debit-card fraud since the beginning of 2006, as well as a wide recall of cards by banks and financial institutions. Three major incidents are likely fueling the fraud, according to financial and security experts. A breach associated with bulk-goods retailer Sam's Club last autumn likely resulted in millions of debit-cards potentially being put at risk, according to financial-industry insiders. A second, smaller breach affecting hundreds of thousands of debit cards has been connected to office-supply retailer OfficeMax, although that company has denied any breach of its systems. And, the most recent data leak occurred in an ATM network and likely affected millions of debit-cards as well, banking executives told SecurityFocus. Despite security-breach notification laws on the books in 23 states, credit-card companies and financial institutions have not named the sources of the breaches. "There are few details of these leaks because credit-card companies do not want people to lose confidence in debit cards," said Beth Givens, executive director of the consumer advocacy group Privacy Rights Clearinghouse. The mystery surrounding the data breaches underscores loopholes within the majority of state laws which aim to mandate the disclosure of security breaches. Moreover, the silence over responsibility for the breaches contrasts consumer advocates' warnings that a federal law currently being considered by Congress will ironically roll back protections even further. [...] _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/errata/dataloss/
Current thread:
- Debit-card fraud underscores legal loopholes lyger (Mar 21)