I missed the recent report related to the TJX breach on 60 Minutes, but I did read the on-line version. Something in the article got me thinking. Although I knew that the bad guys are able to get their hands on enough information to commit Identity theft, I guess I hadn’t really thought about it.
These guys can get their hands on name, address, social Security Number, the answer to your security question (think Mother’s maiden name) credit card number complete with CVV codes – the works. No surprise there, it’s been happening for years.
What bothers me is where all this information is available in one place. I can think of only two – the card issuing bank and the Credit Reporting agencies. Naturally, Visa and Mastercard are in there too, but the whole structure surrounding that entity is that of an “Association” comprised of the issuers, the processors, and the acquirers.
There’s been lots of noise in the press lately telling us that retailers are the big weak spot in security.¬Ý Maybe.¬Ý But when’s the last time you heard the big three Credit Reporting agencies mentioned in the chain of custody?¬Ý They are the ones with all the information that’s getting auctioned off.
Think about it.
Similar Posts:
- On line credit card fraud is going to soar
- Top Fraud Incidents of 2008
- Data Breach Double Talk Spin?
- Credit Card Data Breach at Heartland Payment Systems
- CardNet Hides Their Secrets
