A breach of computer security at an independent sales organization led to what may be among the largest thefts of card account numbers in the U.S.-10.2 million in all-and raised once again questions about the safety of information stored in databases.
The hacker break-in to the database of DPI Merchant Services occurred in early February, and affected cardholders of Visa U.S.A., MasterCard International, American Express Co. and Discover Financial Services. How the hacker broke into the Omaha, Neb.-based processor's site was not disclosed. By mid-March, there had been no reports of fraud on the improperly accessed accounts.
Visa and MasterCard left it up to individual members to decide whether or not to issue cards with new numbers. Among those re-issuing were Pittsburgh-based PNC Bank Corp. and Providence, R.I.-based Citizens Financial Group Inc. PNC, which has issued 2.5 million Visa check cards, deactivated 16,000 cards and issued new ones. Citizens Financial, which has 750,000 debit MasterCards, shut down 8,800 cards and issued new ones.
Re-issuing cards could prove costly. Sending out replacement cards would cost issuers about $35 per card, according to Avivah Litan, vice president and research director at Gartner Inc.
Authoritative analysis and perspective for every segment of the payments industry
Authoritative analysis and perspective for every segment of the industry
Have an account? Sign In