Credit Card Fraud Prevention for Merchants

05 Jan

Top Fraud Incidents of 2008

We could all argue about the top fraud incidents of 2008 but here are my picks for the top five. I’m basing the list on the number of records exposed and the amount of expectation that the entities entrusted with the data would take better care of it.

Bank of New York Mellon and Archive Systems, Inc.

An unencrypted backup tape with 12.5 million customers of the Bank of New York Mellon went missing on Feb. 27, after it was sent to a storage facility. The missing tape contains social security numbers and bank account information on 12.5 million customers. You would think that financial institutions would be more careful.

Hannaford Data Breach

In March, the Maine-based Hannaford Brothers grocery store chain announced that 4.2 million customer card transactions had been compromised by the hackers. This one was more interesting for two reasons. Over 1800 cards were used soon after the breach; we don’t see that often. Even more telling is that Hannaford appears to have been PCI compliant.

Countrywide Home Loans

2.2 million social security numbers and other ‘identity theft’ information stolen by an employee. Financial institutions need to screen employees and be ever-vigilant for signs of internal fraud.

Compass Bank

One million social security numbers stolen when a hard drive is stolen. Another inside job at a financial institution that makes us wonder just how safe out information really is.

GE Money and Iron Mountain

650,000 people were affected by the loss of a backup tape containing customer data of JC Penney and 100 other retailers. At least 150,000 social security numbers were also on the tapes. Here we have a credit card processor and a data security company loosing data. How bad is that!

The total

Those are my picks for the top breaches of 2008. There were more. Lots more. The Open Security Foundation reports 272 data breaches in the U.S. this year totaling 30.9 million records. There were five breaches of over one million records and three of them were at financial institutions.

That’s reason to wonder!

Similar Posts:

Bookmark and Share

Enjoyed this post? Found it informative? Click here to susbcribe to my RSS feeds!

This entry was posted on Monday, January 5th, 2009 at 1:45 PM and is filed under Data Breach, PCI Compliance, credit card fraud, fraud, fraud trends, profit from fraud. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

«
»

2 Responses to “Top Fraud Incidents of 2008”

  1. 1
    Adrian Says:

    <>

    That's almost 1/8 of the entire US population compromised ...IN ONE YEAR!!!
    How long do these guys require to expose the rest of the continent?

    January 6th, 2009 at 1:32 AM
  2. 2
    Tom Mahoney Says:

    They're working on it. According to the Washington Post, the number of breaches is up "nearly 50%" and the number of records is 35.7 million.

    http://www.washingtonpost.com/wp-dyn/content/article/2009/01/05/AR2009010503046.html

    It all depends on how you spin it. There is the number of breaches and there is the number of records. Remember that in 2007 the TJX breach alone accounted for 94 million records - almost three times the 2008 total. In '05 there was the Card Systems Solutions of 40 million.

    The TJX breach was preventable and there is no excuse for it but I hold banks and processors to a higher standard than a retailer. In my mind, the careless loss of a backup tape with 650,000 records is on par with 40 million records stolen in a sophisticated hack.

    The payment industry is fining small merchants for PCI compliance violations while banks and processors are loosing backup tapes. What's wrong with that picture!

    January 6th, 2009 at 8:01 AM

Entries (RSS) and Comments (RSS)

GPS Reviews and news from GPS Gazettewordpress logo

© 2007-2010 Merchant911,LLC All Rights Reserved - Distribution Encouraged -- Copyright notice by Blog Copyright

Privacy Policy