Identity Thieves Win Consumers Lose
ID Theft Disclosure Not Required by Visa and
MasterCard for individual consumers.
In a setback to U.S. consumers, a California judge
ruled last week that Visa and MasterCard International
do not need to send individual warnings to the
thousands of consumers whose personal account
information was stolen.
The ruling involved a consumer lawsuit in the
aftermath of the major computer security breakdown
involving CardSystems Solutions, Inc. which processes
payments for merchants. That computer breach,
initially disclosed by MasterCard three months ago,
exposed up to 40 million credit and debit accounts to
potential identity thieves.
According to the details of the lawsuit released
publicly, the identity thieves acquired at least
264,000 account holders information.
The data exposed involved customer names, account
numbers and security codes which id thieves can use to
make fake credit and debit cards.
The California attorney who filed the lawsuit, argued
Visa and MasterCard at least should be required to
notify the Californians whose account information was
The notification request was made under a 2-year-old
California law that has been widely copied across the
country to help ensure consumers are alerted when
their personal or financial information stored on a
computer is lost, stolen or breached
Both Visa and MasterCard argued they shouldn't be
obligated to send the notices because they don't have
direct relationships with the account holders, whose
cards were issued by the thousands of banks that
belong to the associations.
This means the individual financial institutions
affected account holders would have to be notified
individually by their bank. It's common knowledge
within the banking industry that individual notices
can result in card re-issuances which can cost as much
as $35 each.
So, our protection tip for today is a combination of
something old and something new. The old - closely
monitor your credit card statements for unusual
activity. The new - contact your credit card issuers
to inquire what information they have on file for your
account related to the CardSystem Solutions exposure
and what newly instituted preventative measures are
now available to protect & insure the integrity of your
account from identity theft.
Additionally, consider strengthening your account
access password and secondary security questions.
For example, many consumers use their mother's maiden
name or the state of birth for account access
verification which identity thieves can easily acquire
from the numerous on-line search services available.
Finally, implement a comprehensive, automatic
monitoring solution for your credit and public records
Refer to our "recommended resources" section for a
select few options available for your convenience.