PNC probing Cincinnati-area debit card breach

[Jake Kouns <jkouns () opensecurityfoundation org>]

http://cincinnati.bizjournals.com/cincinnati/stories/2010/03/15/daily53.html

PNC Financial Services Group is investigating a possible security
breach involving some debit cards issued by the former National City
Corp., which it acquired in December 2008.

The problem surfaced when former National City customers began
reporting unauthorized charges on their accounts.

A PNC spokesman said in an e-mailed statement that the breach involves
a small number of cards in the Cincinnati area, and it appears to have
been committed by someone outside PNC or National City prior to the
merger. It doesn’t involve any PNC-branded cards or longtime PNC
customers.

He added that the breach isn’t related to the recent conversion of
National City branches to the PNC nameplate, which took place locally
in February. At that time, former National City customers received new
PNC debit cards and credit cards.

“As of last night, PNC has shut down National City debit cards in the
Cincinnati area and asks that customers who have not yet done so
activate their PNC debit cards,” according to the e-mail. “PNC is
working one-on-one with customers to refund accounts, and has been
returning funds within 24 hours.”
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php