BreachExchange mailing list archives
Michaels Breach: Who's Liable?
From: security curmudgeon <jericho () attrition org>
Date: Mon, 23 May 2011 13:47:36 -0500 (CDT)
---------- Forwarded message ---------- From: InfoSec News <alerts () infosecnews org> http://www.bankinfosecurity.com/articles.php?art_id=3668 By Tracy Kitten Managing Editor Bank Info Security May 22, 2011 A Chicago consumer affected by the Michaels card breach has filed a federal lawsuit against the crafts retailer, claiming it should have better protected customers' cards from breach and compromise. Brandi F. Ramundo had more than $1,300 withdrawn from her checking account, after reportedly making a debit purchase worth less than $20 at Michaels. Her five-count suit seeks class-action status, a jury trial, compensatory damages, and consequential and statutory damages. It also includes an order for Michaels to pay for card-fraud monitoring services for consumers hit by the scam, as well as compensation and punitive damages for costs associated with the suit. Ramundo's suit raises questions about liability after a card breach fraud. What role should merchants play, when it comes to ensuring transactional security, and how should financial institutions, as card-issuers, fall into the fray? Attorney Randy Sabett, partner and co-chair of the Internet and Data Protection practice at law firm SNR Denton LLP, says the liability lines are often blurred and hard to define after a breach. Despite that card fraud usually occurs outside banking institutions' control, banks and credit unions, as the card issuers, usually absorb losses and expenses associated with breach recovery. [...] _______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Learn encryption strategies that manage risk and shore up compliance. Download Article 1 of CREDANT Technologies' The Essentials Series: Endpoint Data Encryption That Actually Works http://credant.com/campaigns/realtime2/gap-LP1/
Current thread:
- Michaels Breach: Who's Liable? security curmudgeon (May 24)