Visa says ATM breach may have exposed data

Visa USA on Tuesday confirmed an ATM security breakdown has exposed more consumers to potential mischief, the latest in a long line of lapses that have illuminated the often flimsy controls over the personal information entrusted to businesses, schools and government agencies.

The latest breach dates back to February when San Francisco-based Visa began notifying banks of a security problem affecting a U.S.-based contractor that processed automated teller machine transactions.

Visa, one of the nation's largest issuer credit and debit cards, publicly acknowledged the trouble Tuesday in response to media inquiries prompted by Wachovia Bank's decision to replace an untold number of debit cards issued to its customers.

Charlotte, N.C.-based Wachovia issued the card replacements last week as an antifraud measure, said bank spokeswoman Mary Beth Navarro. She declined to explain the circumstances that triggered the action after several months.

http://news.yahoo.com/s/ap/20060621/ap_on_bi_ge/visa_atm_breach

A programmer would have to deliberately change programming code to allow this to happen which implies that the multi-level change control system was either bypassed, or on purpose, or is a cover up for another way this information was stolen.

You all noticed that more personal information was 'stolen' in the last couple of years...

To the highest bidder most likely ...

"A programmer would have to deliberately change programming code to allow this to happen"

The transactions are highly encrypted and represent just a monetary transfer - from "checking to ATM withdrawal" (or a transfer). The account is debited and the ATM spits out cash. The programming code does not spit back 'tax id numbers' or other ID information (except for name maybe).

There would/should/must be no way a transaction coming from a ATM into the Transaction Server that would send mass personal information back to the ATM.

To say a 'hacker' utilized an ATM to gain mass account information is impossible. But, just like voting machines, they only execute instructions - provided by a human...

Not anyone acting through an ATM. Clearly the title once again does not reflect the truth contained in the article.

I'd say it's likely that the credit card info was stolen or sold. None of the rest of a person's info has to be made public in this era of lax credit card security.

feel they don't have too

Seems to be happening with a great deal of regularity. Once is an accident, twice is a coincidence, three times...?

http://www.privacyrights.org/ar/ChronDataBreaches.htm

88,348,579 as of June 16th.

Complete idiots. It took them over a month to notify me. It was my debit card. :grr:


What the hell is going on? TIA lives?!

because charges from some marketing company kept turning up on my statement. The cc company removed them but I had to throw a fit to get a new card #.

been occurring lately.

Maybe you should have claimed the card lost and it may have been easier to get a new one. Sounds like you were dealing with pricks that haven't had problems themselves or it would have been easier for you.

Glad it finally was resolved for you.

is there any way to know if I've been affected by this? I don't want to find out in a month that somebody's had all of my account info. i don't want to get hit with illegitimate overdraw fees :grr:

If their customers are effected, they most likely know about it already. In most states banks and credit companies are financially responsible for fraudulent transactions at least to some degree. (In my state, you only have to pay a max of $50) This makes banks and credit companies eager to fix problems like those mentioned in the OP. I used to work in the banking industry and in general they are rather eager to fix problems. If they think your account has been compromised, they'll have no trouble replacing your debit card with another. But if they are pretty confident your information is safe, you may still be able to pay a fee for a new debit card.

with my $7!

Apparently Visa is the one that took a month to notify the credit union. They were pissed off too. Luckily nothing happened with my piddly account. Who would want it?!

Info theft is epidemic lately. National ID anyone?:grr:

affected me personally. A couple of days ago I started getting overdraft notices from my bank, when according to my records I was supposed to have money in checking account. Came to find out that my husband's card number had been used to transfer over $1300 out of the account at an ATM 10 days ago. The card was in his wallet and had not been stolen. He also rarely uses it. We are getting the money and fees back, but it is not a good feeling. The rotters who do this sort of thing ought to be found and punished.