A FOCUS ON: CARDHOLDER DATA BREACHES
James Walsh
The world of Credit Cards has become far more complex than it was just five years ago. As technology makes credit cards more convenient, this same technology opens vast new avenues for fraud. Cardholder fraud can take many forms: from a stolen wallet, to a corrupt business employee, to some form of electronic theft. This Brookwood Capital Report will focus on Cardholder Data Breaches and choices a Card Issuer can make to respond to a Data Breach.
In a widely publicized example, TJX Companies, Inc., in Mid-December 2006, reported a major unauthorized intrusion into their computer systems resulting in consumers' credit card and debit card information being stolen. While exactly how many accounts were compromised is unclear, outsider estimates range into the "millions", but TJX said the number is far lower than that. VISA, MasterCard, American Express and Discover immediately began to identify cardholders, who made card purchases at over 2000 TJX Stores, which may have been compromised. They then started sending a series of emails to the issuing Credit Unions and Banks identifying these cardholders and account numbers.
AS A CARD ISSUER, HOW SHOULD YOU REACT?
The reaction by many card issuers was instant. They began a major effort to close and reissue all cards that could possibly have been impacted. Credit Unions and Banks from Maine to Alabama and from Texas to Hawaii began reissuing tens of thousands of cards or more that may have been compromised. The combined cost of these efforts was millions of dollars. The question this raises "Is this the correct action in every case?" MORE..
