Top Fraud Incidents of 2008

Posted on January 5, 2009 by Tom Mahoney

We could all argue about the top fraud incidents of 2008 but here are my picks for the top five. I’m basing the list on the number of records exposed and the amount of expectation that the entities entrusted with the data would take better care of it.

Bank of New York Mellon and Archive Systems, Inc.

An unencrypted backup tape with 12.5 million customers of the Bank of New York Mellon went missing on Feb. 27, after it was sent to a storage facility. The missing tape contains social security numbers and bank account information on 12.5 million customers. You would think that financial institutions would be more careful.

Hannaford Data Breach

In March, the Maine-based Hannaford Brothers grocery store chain announced that 4.2 million customer card transactions had been compromised by the hackers. This one was more interesting for two reasons. Over 1800 cards were used soon after the breach; we don’t see that often. Even more telling is that Hannaford appears to have been PCI compliant.

Countrywide Home Loans

2.2 million social security numbers and other ‘identity theft’ information stolen by an employee. Financial institutions need to screen employees and be ever-vigilant for signs of internal fraud.

Compass Bank

One million social security numbers stolen when a hard drive is stolen. Another inside job at a financial institution that makes us wonder just how safe out information really is.

GE Money and Iron Mountain

650,000 people were affected by the loss of a backup tape containing customer data of JC Penney and 100 other retailers. At least 150,000 social security numbers were also on the tapes. Here we have a credit card processor and a data security company loosing data. How bad is that!

The total

Those are my picks for the top breaches of 2008. There were more. Lots more. The Open Security Foundation reports 272 data breaches in the U.S. this year totaling 30.9 million records. There were five breaches of over one million records and three of them were at financial institutions.

That’s reason to wonder!

Similar Posts:

About Tom Mahoney

Tom Mahoney is the Founder and Director of Merchant911, a site dedicated to helping e-commerce merchants.
This entry was posted in credit card fraud, Data Breach, fraud, fraud trends, PCI Compliance, profit from fraud and tagged , , , . Bookmark the permalink.
Post comment as
twitter logo facebook logo
Sort: Newest | Oldest
Tom Mahoney

They're working on it. According to the Washington Post, the number of breaches is up "nearly 50%" and the number of records is 35.7 million.

http://www.washingtonpost.com/wp-dyn/content/artic...

It all depends on how you spin it. There is the number of breaches and there is the number of records. Remember that in 2007 the TJX breach alone accounted for 94 million records - almost three times the 2008 total. In '05 there was the Card Systems Solutions of 40 million.

The TJX breach was preventable and there is no excuse for it but I hold banks and processors to a higher standard than a retailer. In my mind, the careless loss of a backup tape with 650,000 records is on par with 40 million records stolen in a sophisticated hack.

The payment industry is fining small merchants for PCI compliance violations while banks and processors are loosing backup tapes. What's wrong with that picture!

share
  • spam
  • offensive
  • disagree
  • off topic
 Like
Adrian

<>

That's almost 1/8 of the entire US population compromised ...IN ONE YEAR!!!
How long do these guys require to expose the rest of the continent?

share
  • spam
  • offensive
  • disagree
  • off topic
 Like