Local expert urges extra care after massive amount of data stolen from credit card holders

Names, account numbers, validation codes and customer addresses stolen

Millions of people with Mastercard or Visa credit cards will likely be getting data breach notification letters in the next few weeks after a massive data security breach at one of the main companies that processes transactions.

Visa and MasterCard are investigating whether that breach exposed private customer information, bank officials said. The event highlighted a crucial vulnerability that could affect millions of cardholders.

The breach occurred at Global Payments, an Atlanta company that helps Visa and MasterCard process transactions for merchants. One bank executive estimated that about 1 million to 3 million accounts could be affected. That does not mean all those cards were used fraudulently, but that credit card information on the cardholders was exposed.

A bank official, who insisted on anonymity because the inquiry is at an early stage, said that Visa and MasterCard notified his company, but that banks had been frustrated with the pace of disclosure by Global Payments. He said that Global Payments, which is one of the biggest transactions processors, had provided little information on where the breaches took place, how accounts were hacked and other details that could indicate which customers might be vulnerable.

Banks said that when they could identify victims, they would notify them and replace credit cards, if necessary.

That's not enough, according to Jim Van Dyke, founder and president of Javelin Strategy and Research, a Pleasanton-based company that provides information for banks and others.

"People are often led to believe that someone's taking care of them. That's usually not the case," Van Dyke said. He said people need to pay extra attention to their accounts after receiving a data breach letter. A recent report from the company notes that as of 2011, those who receive those letters are nine-and-a-half times more likely to be a fraud victim than anyone who has never received a letter. That's up from six times more likely in 2010, four times more likely in 2009 and three times more likely in 2008.

Keeping safe from identity theft, he said, "is all about three things: prevention, detection and resolution."

"Get some protection on your computer. Don't post things on line, like social security numbers, your mother's maiden name, the name of your pet," Van Dyke said. "Monitor your identity."

Van Dyke's company offers a research-based quiz that can tell what a person's likelihood to be a fraud victim.

While far from the largest breach of credit card data in recent years, the latest incident, which is being investigated by major banks and federal authorities as well as the card companies, underscores concerns about the vulnerability of electronic financial data.

As financial services companies have improved security over the past year, criminals have aimed at a specific part of the credit card system: the payment processors that act as a bridge between banks and retailers. Security consultants say the sophistication of these attacks is increasing.

Bank officials said they were told by Visa and MasterCard that the breach occurred sometime from late January to late February, and included what is known as Track 1 and Track 2 data. That includes details like names, card numbers, validation codes and in some cases, customer addresses.


Like this comment
Posted by BillHilly
a resident of Another Pleasanton neighborhood
on Apr 11, 2012 at 8:36 am

Data security breach in Atlanta? Surely it couldn't have been one of the affirmative action hires from a prison furlough program that would have had the audacity to do this. It was probably a European American head of security - as portrayed in the Damon Wayons movie "Mo' Money."

Good on Mr. Van Dyke for pointing out how little credit card companies will do to protect the consumer after it's their fault the consumer has been violated. Good think our politicians both left and right have such terrific relationships with these banks - I'm sure that means they'll hurry up and do what's best for the consumer in short order.

Like this comment
Posted by No Confidence
a resident of Pleasanton Heights
on Apr 12, 2012 at 12:29 pm

How can we possibly move from a paper system to an electronic system with confidence when this kind of thing happens? I have yet to pay a bill on line, and probably won't until I'm certain this stuff won't happen. BTW, I got 2 calls: one from Visa, the other from my health plan administrator. So I've been compromised x 2.

Like this comment
Posted by Henrietta
a resident of Rosewood
on Apr 12, 2012 at 12:46 pm

With the new BART system now in place just about anything can happen.

Like this comment
Posted by Maggie
a resident of Valencia
on Apr 12, 2012 at 2:19 pm

Zero Liability...that is what you have when you use Visa. Can't say that for the cash in your pocket or in checking and savings. Using a Visa credit card is more secure than cash and checks. Your responsibilty is to report fraud in 60 days of transaction. Unfortunately there will always be hackers but again, youhave zero liability when reported in the 60 day time period. Can't say that about losing cash..

Posted by Name hidden
a resident of Ridgeview Commons

on Jun 5, 2017 at 5:56 pm

Due to repeated violations of our Terms of Use, comments from this poster are automatically removed. Why?

Sorry, but further commenting on this topic has been closed.

New state housing requirements could affect Pleasanton
By Jeb Bing | 6 comments | 616 views

Time for new collaboration between city and school district
By Tim Hunt | 2 comments | 411 views

Salami, Salami … Baloney
By Tom Cushing | 15 comments | 298 views