CardSystems 40 million Identity Theft FTC Settlement

Several major banks abruptly cancelled and reissued ATM debit
cards to over 200,000 consumers nationwide.

As follow up to our recent article on the single largest identity
theft/security breach to date, the FTC announced the settlement
with CardSystems and their failure to protect sensitive card
information affecting millions of consumers.

It was the largest known compromise of financial data to date.

In that security breach in 2005, identity thieves were able to
generate millions of dollars in fraudulent purchases and
compromised millions of credit and debit cards, according to
Federal Trade Commission (FTC).

CardSystems, now owned by Pay by Touch Solutions, is a payment
processor for all of the major credit cards known under
the Visa and MasterCard brands.

CardSystems authorized and approved credit and debit card purchases
for merchants last year amounting to 210 million card purchases.

CardSystems collects card numbers, expiration dates, and other
personal data from the magnetic strip of the card which was
subsequently stored on its computer network.

Just the type of data identity thieves prefer to generate fake
ATM or credit cards.

The FTC accused CardSystems of failing to have enough security
measures in place to keep hackers out of its computer network
and to limit access between computers on its network and
between its computers and the Internet. The company did not
do enough to detect or investigate unauthorized access to
personal information, the FTC said.

As part of the FTC settlement, CardSystems will be required to
be audited every two years for the next 20 years by an independent,
3rd party to confirm its security program meets the standards of the
order.

CardSystems, though, could still face massive civil litigation which
may explain why they were sold in December, 2005 to Pay by Touch
Solutions.

So, our tip for today is contact your bank if you have not already
received your new ATM/debit card containing a different access
number. Be proactive as several major banks have abruptly cancelled
the debit cards of as many as 200,000 customers within the past 3
weeks.

Finally, identity theft can actually show up months after the actual
theft takes place, so it's prudent for you to adopt a stringent policy of scrutiny. To make this easy for you, we urge you to
enroll in automatic account monitoring both at your bank, credit
card, & credit reporting levels.