Heartland update
According to the latest update on Bank Info Security the reports of confirmed compromises has grown to 560 banks reporting 1,075,444 cards compromised. But again, it’s important to note that only 172 of the listed banks have actually reported numbers. That is a bit less than a third. We can only speculate on the total number of cards exposed or at risk but clearly it’s in the millions.
The new breach
Last week I reported on the wide spread speculation of a new breach of an unnamed processor or acquirer. This speculation was based on Visa’s issuance of a new CAMS alert number. Normally, a CAMS number is issued for each reported incident but Visa, probably in light of all the speculation, is now saying that the new report refers to a previous breach. I leave it up to you to decide how much truth there is to that claim. Only time will tell.
PA Credit Union Association
Also, last week I reported on a statement on the Pennsylvania Credit Union Association website reminding their members that the new breach (referenced above) did not involve track data and could only be used in CNP transactions for which chargebacks would relieve them of financial loss. Needless to say, that got the e-Commerce community fired up. If you click the link now, you will see that the PCUA has changed the language to
the risk of unrecoverable fraud is lower and you may wish to monitor the accounts instead of blocking and reissuing. However, your credit union’s best safeguard against fraud on these accounts is to block and reissue.
That’s a lot less offensive to on-line merchants than
Since track data was not compromised, we are not suggesting that you block and transfer these compromised accounts. Chargeback rights should exist for all Card Not Present transactions simply by the cardholder asserting a dispute for the unauthorized transactions.
The bottom line
One thing is for sure in all this. The entities involved are continuing their veil of secrecy, double talk and deceit.
Similar Posts:
- 300 Banks, 3 Arrests, and the Saga Continues
- Heartland Data Breach rears its ugly head again
- E-commerce Merchants Beware
- Data Breach Double Talk Spin?
- More on the Heartland Breach
