Tag Archives: American Express

Breach Brief – Macy’s, Adidas

Macy’s department stores has reported a data breach of customer data. The breach affects Macy’s online customers and exposed names, addresses, phone numbers, email addresses, birthdays, and credit and debit card numbers with expiration dates. Macy’s pointed out that it does not store credit verification values (CVV) or Social Security numbers in its online customer profiles. Macy’s has reported the data breach and exposed card numbers to payment processors Visa, MasterCard, American Express and Discover. Macy’s has not said how many customers are impacted.

According to Macy’s the breach took place between April 26 and June 12. The company reported that an “unauthorized third party” had obtained usernames and passwords and were able to log into Macy’s and subsidiary’s Bloomingdale’s shopper’s online profiles. It is not known how the hackers got the information. Macy’s reported the breach in a letter to the New Hampshire Attorney General’s Office on July 2nd.

Macy’s has frozen any customer profiles with suspicious activity until the customers change their passwords.

“We have investigated the matter thoroughly, addressed the cause and, as a precaution, have implemented additional security measures,” the company said in a statement. “Macy’s, Inc. will provide consumer protection services at no cost to those customers. We have contacted potentially impacted customers with more information about these services.”

 

Adidas

Adidas, maker of sportswear and equipment, issued a warning to online shoppers in the U.S. that their personal information may have been compromised as a result a suspected data breach.  Adidas first became aware of the incident on June 26 and analysts are saying that potentially millions of customers could be affected.

A preliminary investigation revealed that the hacker may have stolen customer’s contact information, usernames and encrypted passwords. Adidas does not believe any credit card or health and fitness information was compromised.

A statement on Adidas’ website read; “According to the preliminary investigation, the limited data includes contact information, usernames and encrypted passwords. Adidas has no reason to believe that any credit card or fitness information of those consumers was impacted.” The company is in the process of notifying affected customers.

Breach Brief – Best Buy, Delta, Sears, K-Mart

Delta Airlines, Sears, Kmart and Best Buy and others have all been hit with a data breach that is connected with  Indian Company [24]7.ai. According to a statement from the company, it “discovered and contained an incident potentially affecting the online customer payment information of a small number of our client companies, and affected clients have been notified.”  The incident took place Sept. 26 and was finally shut down on Oct. 12, 2017. The company has notified notified law enforcement.

[24]7.ai claims the breach affected a small number of clients but, in reality, that small number contains some the biggest, most well known, companies in the U.S. and the world.

[24]7.ai is a third party vendor that provides online and mobile chat services. According to CNET in addition to the above mentioned companies other big name companies potentially impacted by the breach include Hilton, AT&T, Citi, American Express, eBay and Farmers Insurance. Both American Express and Farmers Insurance have confirmed they were unaffected by the breach.

According to Sears, owners of K-Mart, unauthorized access to customer payment information was limited to less than 100,000 of its customer’s credit card information. Sears says there was no evidence that stores were compromised or that any internal Sears systems were inappropriately accessed.

Delta airlines, among the worlds largest, reported that certain customer payment information may have been accessed but denied other customer personal information, such as passport, government ID, security or SkyMiles information was impacted. “As best we can tell, only a small fraction of our overall online customer population could have been caught up in this [24]7.ai incident, whether or not they used the chat function.”  But Delta also stated that it can’t confirm if customer data was actually compromised. Delta is continuing its investigation and has launched a dedicated website to provide the latest developments to customers.

Delta stated that software used by [24]7.ai may have exposed the payment information of as many as several hundred thousand customers using Delta’s PC-accessed website. The company is especially concerned because customers didn’t have to interact with the chat tool to be hit by the hack.

According to Delta customer information compromised includes names, addresses, payment card numbers, CVV numbers, and expiration dates. Customers using the Delta’s Wallet service are considered safe as the malware could only grab information entered on the screen. Delta Wallet “masks” this sensitive information.

Electronic retailers Best Buy also acknowledged  it was hit by the same data breach related to [24]7.ai. In a blog post Best Buy said that [24]7.ai  had informed the company that an “illegal intrusion” had occurred between September 27 and October 12, 2017. Best Buy says it will inform affected customers directly and they will not be liable for fraudulent charges. It will also offer free credit monitoring.

 

 

Kenneth Chenault Joins Facebook

Kenneth Chenault

American Express CEO Kenneth Chenault has joined Facebook as its first African-American Board member. Chenault will officially join Facebook on February 5th after 16 years as AmEx CEO. 

Chenault, described by the Wall Street Journal as “one of the country’s most prominent African-American corporate leaders,” will become the first non-white member of Facebook’s board of directors. 

This move by Facebook is an effort  to address the diversity issues that face Silicon Valley. Sheryl Sandberg, Facebook’s chief operating officer told the Congressional Black Caucus in October that Facebook would hire a black board member “in the foreseeable future.” 

Chenault has been a recruiting target for Facebook years according to Mark Zuckerberg. In a Facebook post Zuckerberg wrote, “I’ve been trying to recruit Ken for years. He has unique expertise in areas I believe Facebook needs to learn and improve, customer service, direct commerce, and building a trusted brand. Ken also has a strong sense of social mission and the perspective that comes from running an important public company for decades.”

Facebook, the worlds largest social network, is fighting to clean up its image when it comes to race. The company has faced withering criticism around its ethnic affinity marketing technology that allowed marketers to exclude minorities from ads related to housing. It is unclear how the Chenault hiring will impact this area.

 

 

Online Holiday Shopping 2016 – Best Gift Card Sites

id-100113870

Photo courtesy of Nirots

There is a magical gift that, no matter what, is always exactly what the person wanted or needed. It is adaptable to any situation or occasion. This gift can be from the recipient’s favorite store or any store anywhere. And this gift can purchased for less than face value.  What is this super gift? The gift card of course!

One of the best gift cards to give is the reliable VISA ,MasterCard  or AmericanExpress Gift card. These three are perfect for gift giving because they can be used anywhere the credit cards are accepted and some are even re-loadable. How can you possibly go wrong when the gift card can buy anything from auto parts to nice dinners to clothing and jewelry. Using these cards as holiday gifts is a no brainer.

But should you have someone with particular tastes or if you know there is some place they get a special kick out of shopping then you can buy specific store gift cards. Almost every store provides gift cards and the top gift cards of 2016 can be found by clicking here.

And since this is the giving season lets look at the top gift cards sites. As I always say, “Black people don’t play when to comes to money!” So for African-Americans looking for the best deal on holiday gift cards there are a few sites you need to check out. These sites sell gift cards for below face value and these deals can save you some big money.

gift-card-granny-logoLets start with GiftCard Granny. The most amazing thing about GiftCard Granny is that you can actually download the Chrome extension and the apps for Apple and Android devices. GiftCard Granny offers over 150,000 gift cards from just about every store you can imagine and the discounts are nice. As much 20 percent off in some cases.  You can also sell your unused gift cards through the site. 

 

 

ebatesNext up is Ebates. This is another superstore of gift cards and they advertise discounts of up to 30 percent. And yes there  are thousands of stores and millions of cards to choose from. The deals are there but… You have to surrender your email address to even shop there. The site won’t even let you browse without surrendering some data. A definite turn off during the holiday season and good reason to move on to other gift card sites. 

 

raiseRaise.com is yet another excellent discount gift card website. This site lets the buyer shop using several parameters that include price, card type (physical or electronic),  and about twenty different categories of gift cards.  And if you are in Chicago you can check out the specials there as well. I am sure more cities will be offered soon. But trust me they have all of the major retailers  and hundreds of other specialty store and restaurants from Taco Bell to specialty steak houses. Right now it is also offering a new  sale section for additional discounts.

 

cardcashCardCash.com allows the user to buy and sell gift cards with awesome discounts.  And CardCash offers a 45 Day Buyer Protection Guarantee against those ever present holiday scam artists.  This site also allows you to search by physical or electronic cards and numerous different categories. You can find discount cards for hotel stays, restaurants, even frozen dinners. Here you can find gift cards discounted as much as 30 percent.

 

whizwalletWhizWallet.com offers discount cards from numerous different sites. According to their website they aren’t following the model that other sites use. Sites mentioned already buy and re-sell the gift cards. But WhizWallet compiles the inventory of the best discounted gift card sellers.  Using WhizWallet can help the customer find the right credit card, buy retail cards and discount cards. As always the selection is pretty expansive and you are bound to find the store you are looking for.

 

giftcardsGiftcards.com is another excellent gift card site that offers several different cards from various stores and providers. This site allows the user to even customize the gift card for special occasions. Y0u can get eGift cards delivered to your smartphone and again, every store is represented.

Holiday season is extremely busy and stressful for everyone. Trying to find the right gift for someone special can be a real headache.  But a gift card can definitely help. You literally have millions choices from stores to locations to type of gift. There are gift cards that allow you to give some special person a cruise or a vacation if you have that kind of money. May we suggest a Neiman Marcus Gift Card?

 But you may still need a little help. So WalletHub has released 2016’s Best Gift Card List  to help you choose. You can also check out their 10 Tips for Getting the Best Gift Card.

Finally, some people say that gift card are lazy gifts and seem impersonal. But research indicates 42 percent of Americans appreciate gift cards and cash over being mis-gifted. 

EMV is Coming! EMV is Coming!

chipcardOctober is EMV card month. And what is EMV? Currently there are 1.96 billion credit cards in circulation and they are about to change. Black people all over America are walking around with a credit or debit card in their purse or wallet. So we need to know and understand what EMV is and how it will change the landscape of credit card use starting in October. So lets get started.

First of all next month the way you use your credit or debit card will change. The first thing that will change is the card itself. America is the last major market on earth to switch to the chip embedded card. Why? The short answer is laziness, stupidity or ignorance by all involved. If you have not already received your chip embedded card now is the time to call your bank or card provider and ask when you should expect it.

The new card is called the EMV which stands for  Europay MasterCard VISA after the people who invented it. The first noticeable difference in the new card will be the chip, which is the small silver or gold chip embedded in the front of the card. Because of this chip the card should be more secure than the current magnetic stripe card you may still be carrying. Magnetic stripe cards save static payment data that can be copied, stolen or skimmed from one card and put onto another. This duplicate card data is then used to make all kinds of fraudulent purchases. Magnetic strip cards are simply outdated and notoriously insecure. The EMV technology adds a layer of security to the payment process.

EMV card readerf

EMV Card Reader

The EMV card works a little differently. The chip you see on your card has encrypted data. EMV card readers can read that data. Each purchase made with an EMV card creates a individual code unique to that particular purchase. If a hacker got a hold of that code he would not able to use it. You should be seeing the card readers in stores already. Once you slide your card into the reader, no more swiping, powerful cryptographic functions validate the authenticity of the card and cardholder. Bottom line is the encryption makes it extremely difficult to create a duplicate or fake card. But keep in mind that the magnetic strip is not likely to disappear from cards. Many small merchants will continue to use the old style card reader.

When you pay using the EMV card reader your card is instantly identified as being authentic by a process called dynamic authentication. When used with a PIN, the chip proves that the customer is paying with his or her own card.

Another change coming in October is the liability shift. A liability shift means that the responsibility for credit card fraud shifts slightly from just the card issuer to a shared liability of both the issuer or merchant that doesn’t use EMV technology. This change provides both parties with an incentive to adopt the technology. However it is not required that either party switch to the new technology. Why? Lets keep this as simple as possible; some issuers and merchants may still feel it is cheaper to take a loss on card fraud than to invest in the new technology. Is that simple enough for you?

NerdWallet’s Sean McQuay, a credit card expert and former VISA strategy analyst says, “EMV is a powerful tool, but it’s only effective if both consumers and merchants are ready to use it for transactions. Consumers need chip cards and merchants need chip readers. If only one side has upgraded to EMV for a specific transaction, then the upgrade was a waste.”

But will EMV solve all of our card security concerns? Probably not. This new technology is great but not perfect.

For example; in person transactions would definitely be more secure. Not so with thecard not presenttype of transaction such as purchases by phone or online. Using your card at the gas pump will continue to be dangerous since gas pumps aren’t required to implement the new technology until 2017. So this type of fraud is expected to increase.

So learn to protect yourself. Hackers are going to be going after those store that don’t use the new EMV card and card readers. That’s the first place you are vulnerable. Avoid those stores whenever possible by keeping a little extra cash in your pocket. And demand the new card from your bank or issuer. If they have decided not to go with the new technology then you may want to got with an institution that does.When shopping online avoid unfamiliar or unsecure websites. When you see “https” at the beginning of the payment page’s URL that means it is a secure payment site. Avoid it if you only see “http.” Change your user name and password regularly if you store your card information with any online retailers. Avoid sending credit card information via email or social media. 

Finally, criminals work hard too steal your money. The technology arms war n isever ending and hackers have already developed methods for hacking the EMV cards. Read on!

Here is more of what you need to know about the new EMV card technology.

Federal Reserve say Chip and Signature Not Enough.

Bad Guys Already Compromising Chip and PIN Cards

Now you know.

Secure Payments Arrive For Black Consumers

credit-card-safeHackers have been having a absolute field day breaking into store payment systems and stealing credit card data with impunity. The problem is intolerable for the consumer and costing everyone money everyday. Kaspersky Labs reported that over $1 billon dollars has been stolen from banks using sophisticated malware. Not to mention the additional billions lost in fraudulent credit card purchases and ATM fraud.  Last year that number topped $5 billion. In the end its always the consumer, that’s you and me, that pays for this fraud.

Securing the payment systems of American consumers has become the single most pressing cyber security problem for banks, pay services and merchants. Americans fear cyber crime and identity theft more than being murdered.

Thankfully credit card and technology companies are devising new more technologically advanced ways to combat data breaches and credit and debit card fraud. This is vitally important to African-Americans who are frequent Internet shoppers. And the last thing we tolerate is something funny happening with our money. As I have said many times before, black people don’t play when it comes to our money.

Black consumers, like all American consumers, should learn and quickly adopt the new ways that payments are being secured not only online but in brick mortar stores. Advances in technology allow payments to be made directly from a smartphone, new PIN and Chip technology prevents duplication of credit and debit cards and some systems are implementing single use tokens. The age of secure payments has arrived.

 

US-WhiteHouse-LogoThe White House Summit on Cybersecurity and Consumer Protection

This event, held at Stanford University, saw multiple companies and trade organizations announce new initiatives aimed at securing Internet transactions and reducing fraud.

A White House fact sheet revealed the efforts of the major players in the payment industry. Visa, for example, is committing to tokenization or substituting credit card numbers with randomly generated tokens for each transaction. They plan to initiate this system by the end of March.

The other payment giant, MasterCard, is investing more than $20 million in new cybersecurity tools that include the deployment of Safety Net, a new security solution that will reduce the risk of large-scale cyber-attacks.

SafetyNet is designed to add an extra layer of security by working with a bank or processor’s own security systems and detecting attacks before they happen.

Intel is releasing a new authentication technology that eliminates the password. The technology employs biometrics or personal physical measurements such as fingerprints or retinal patterns. American Express also announced a new multifactor authentication technology for consumers. MasterCard and First Tech Credit Union revealed a new pilot program that would allow consumers to authenticate and verify their transactions using a combination of biometrics, such as facial and voice recognition.

The president launched the BuySecure initiative in October of 2014. The initiative priorities include;

  • Securing payments across the economy, by advancing federal efforts to transition to more secure payment systems, building public-private awareness about more secure authentication, and calling on industry to enhance the security of their own systems and offer more secure options for their customers.
  • Helping Americans secure their good name, by improving resources to identify and remediate identity theft. This includes supporting credit score transparency and improving identity theft resources available to American consumers.
  • Enhanced information sharing, by enhancing the ability of federal agencies and industry to regularly exchange information about consumers’ compromised accounts.

what-kind-of-cr-1

Apple Pay

The AACR wrote back in September of Apple’s debut of the new Apple Pay technology. While everyone was raving about the new iPhone 6 Apple murdered the credit card.

Apple Pay replaces your credit card and the traditional swipe at the register. Apple Pay has made the act of purchasing easier by allowing you to just wave your phone in front of a reader in order to make a payment.  Apple claims the system is more secure than regular credit cards since the number is never stored on the phone or Apple servers and no one ever sees it. The credit card number is replaced by a “unique device number.”

Your credit cards will be stored in Passbook. You can add cards to your phone by taking a picture of the card or typing in the necessary  information like the credit card number, expiration date, and security code. It works with pretty much all credit cards and banks. According to Apple over 220,000 merchants are currently accepting Apple Pay.

MasterCard

MasterCard announced in October 2014 that it was partnering with Zwipe to develop a payment card with a built-in fingerprint authentication sensor.

The card allows customers to make contactless payments, using their fingerprint to confirm their identity. This eliminates the need for PINs and passwords thus increasing security.

VISA

A recent study from Visa Europe indicates that the new generation of banking customers would rather use biometric security devices than PINs and passwords for authentication.

Visa found that 75% of 16- to 24-year-olds said they would have no problem using biometric security, with 69% expecting it to be faster and easier than a password or PIN.

Visa also launched the Visa Token Service (VTS) in September 2014. The one time use token replaces the 16-digit account numbers, expiration dates and security codes, with so-called tokens. The tokens are a unique series of numbers that can be used to make payments without exposing the sensitive credit data such as the numbers, security code and expiration date.

Over 500 financial institutions have already implemented VTS according to Visa. The service will be expanded this year to additional payment environments. Visa also says tech companies and device manufacturers will deploy VTS on mobile devices. Merchants will also start using the solution to secure transactions made through mobile payment applications. Online merchants are also expected to deploy the tokenization service.

American Express

Tokenization has also been embraced by American Express, and the retail industry is seeking to develop a universal tokenization standard.

Amex will replace traditional 16-digit credit card numbers with a digital token. Consumers using the card supporting the token can make purchases online, with a mobile application, or in person using Near Field Communication (NFC) devices similar to Apple Pay technology.

The movement to more secure payments methods comes as retailers see the October 2015 deadline to support chip-and-pin credit payments getting closer. Merchants are being crushed under repeated data breaches costing ten of millions of dollars in repairs and legal costs.

Breaking It Down

Alright so what took so long? If you read this article you saw that the credit card companies have until October of this year to move to the new PIN and Chip cards. They had no choice. This situation is bad for everybody. Everybody is losing money and everybody is getting sick of it and everybody sees that no end was possible as long as the hackers had the upper hand. These payment companies, merchants and banks were locked in a cycle of one data breach after another and each more expensive than the last. The government was going to force a change this so they decided to get ahead of the wave. They had no choice. They could look out from their lofty corporate towers and see the angry flames of consumer torches gathering in the street below. It was not going to be pretty and they knew it. So now after losing hundreds of millions of dollars and looking stupid compared to the hackers, they have decided to act. They had no choice. They want you to believe that they did this on their own. But this could have been done at least two years ago. Europe has had the PIN and Chip technology for at least five years. These companies decided that since no one was making them do it why do it. But then the bleeding started. Hackers were draining the life out of these corporate clowns and their bottomline. The math was starting to swing against them and the government was getting involved. That is the only reason they decided to act. They had no choice.

 

 

 

Online Holiday Shopping Series #1

It’s November and the holiday shopping season is upon us again. The African American Cyber Report is launching a weekly series focusing on online holiday shopping. Each week through New Year’s Day we will investigate a different facet of online shopping from safe and secure payments to the apps and websites that get you the best bargain. If we hear of a special sale or online event we will let you know about that as well.

African-Americans are a powerful consumer segment. According to a report from The Nielsen Company entitled The State of the African-American Consumer,” black buying power is nearly $1 trillion. How’s that for a U.S. consumer market segment? Black people are not only a significant market segment but they shop more than other groups, spend less money per trip and spend more time investigating the product before buying. Research indicates black people are smart, savvy shoppers.

Before we examine the choice of credit versus debit cards for shopping online we need to take a quick look at black people and their credit cards. According to a report from the NAACP and public policy research firm Demos entitled “The Challenge of Credit Card Debt for the African-American Middle Class,” approximately 42 % of black households are in debt. These families are borrowing simply to make ends meet and to pay for basic expenses, such as groceries, rent and utilities. Overall black people face greater credit restrictions and are more likely to be subject to harsh credit collection tactics. Many black people pay higher interest rates and fees for alternative financial services that includes pre-paid debit cards and check cashing services. So the picture shows that we have a powerful market presence but we also have problems managing and retaining credit. And I might add that it is not always someone else’s fault.

Credit vs. Debit for Online Shopping

Right off the bat the credit card wins hands down for shopping online. But lets not ignore the benefits of the debit card. Especially if you have a tight budget and need to restrict the spending of yourself or someone else.

Credit cards offer distinct advantages over debit cards.  And if you are holding a credit card now is the time to get real familiar with the protections that come with that card. Make sure you understand what security measures the card offers against fraudulent charges as well as the method for disputing purchases. There are going to be black people who order something from an online store only to discover that it is not what was advertised. As an African-American consumer make sure you know the dispute process . Study it before you hit those online sales. Its your money we’re talking about.

Carrying around a credit card from the right company offers some awesome benefits. These benefits can vary from one card issuer to another so it’s a good idea to study your account agreements for the details. Study that thing and make sure you know it. It can save you some headaches and provide some surprising benefits on everything from buying airline tickets to renting a car to getting a warranty extended. If you’re planning to travel over the holidays then you need to investigate the travel benefits of your credit card. Some credit cards offer travel services like getting a seat upgrade or discounts on luggage fees. Other benefits include rental car upgrades or insurance or hotel discounts and upgrades. Travel insurance is also available from some cards free of charge. Some cards offer help finding a doctor or lawyer. If you buy a product that has a warranty you can actually get that warranty extended for up to a year depending on the credit card. But keep in mind that these benefits are sometimes automatic and others you have to ask for. So studying your card agreement is extremely important. Didn’t I say that before?

The beauty of credit cards is that there is an extra layer between your real money and other people. A debit card or pre-paid card is the same as cash and that is where you find additional, and unnecessary risk. As soon as you make a purchase that money is out of your account.  Any problem with the purchase and its just you and the merchant. And that is a very weak negotiating position. The Better Business Bureau or your bank may be able to help but not much.

By using a credit card, you have a powerful company on your side. This makes disputing charges and getting satisfaction when having to return an item much easier. With a credit card the purchase in dispute is not yet paid for. The card issuer can refuse to honor the demand for payment and that leaves the merchant in a lurch. So that merchant is more likely to respond favorably to your demands. CreditDonkey.com, a credit card comparison website, offers a list of the best credit cards for shopping online.

For all you out of control spenders, credit cards are still better than debit cards. A frequent complaint about using credit cards as a primary form of payment is that the advantages are outweighed by disadvantages for many people. As I stated above many African-American consumers simply can’t handle credit cards without spending more than they can afford. And what happens? Higher interest rates, ruined credit scores, all that.

But overdraft protection on a debit card is even worse. Yes, you can over spend with a debit card. Over charging on your debit card results in multiple overdraft fees which are more than credit card interest rates and late payments. And unlike a credit card bill that arrives once a month your bank account takes the hit immediately. With a credit card, you can close your account and work out a payment plan, but with a debit card you don’t get that option.

Many pre-paid debit cards a very popular in the black community. But being popular is far different from being a good option. Many pre-paid debit cards, while intended to help the African-American community are often doing just the opposite. Pre-paid cards have been criticized for exploiting poor and dis-advantaged black people by charging higher, sometimes exorbitant fees. This is especially so when people make the mistake of thinking of the card as a credit card. But the pre-paid card is a huge and profitable market to the tune of about 500 million cards in circulation channeling billions of dollars in sales. You can find a list of the best and worst pre-paid cards here.

Another payment method you need to consider for your holiday shopping is the retail card. Be aware that these store cards can carry some pretty high interest rates. But at the same time you can take advantage of some pretty good deals by using the store credit card. Some stores will give you as much as 10% off your purchase if you apply for the card at the register. Using these cards does not carry a lot benefits at all. And they are dangerous to your credit report. For example when you fill out that card application it shows up on your credit report and if you close the account it stays on your credit report. But if you are looking for the best retail cards to shop with this holiday season you can find the top ten here.

So as you start hunting for those holiday bargains and eagerly wait for Black Friday or Cyber Monday be aware that there is a difference between a credit and a debit card. Make wise purchases and know what tools and weapons you have at your disposal when using that credit card as you shop this holiday season.

Now you know

American Express Acknowledges Data Breach

300px-American_Express_logo.svgEarlier this week American Express notified its customers of a data breach. According to the company as many as 76,000 thousand customers have had credit data compromised including names and account numbers. The company also stated that as many as 18,000 California residents may have had additional information lost but not their names.

Law enforcement notified American Express that large files containing customer information was posted online and they suspect the “hacktivist” group Anonymous Ukraine to be the culprit.

This past march Anonymous Ukraine released more than 7 million credit card records as a protest against financial companies for “enslaving people.” Included in that massive release were over three million VISA card records, 1.7 million MasterCard records and 600,000 Discover card records. The group clams to have as many as 800 million credit card records. 

Security experts don’t believe it. Experts believe the group is simply boasting and maybe recycling older, previously hacked card information. No one has identified the source of the data or leaks as of yet.

Equifax Vice President Scott Mitic called the incident “yet another in the nearly constant stream of data breaches that affect U.S. consumers today. It’s part of our day-to-day to lives.”

Mitic urged AmEx cardholders to check all recent transactions, place fraud alerts on their accounts and check their credit reports.

Although it is not known when the data was breached AmEx  discovered the breach on March 25, according to the company.

American Express has instituted additional fraud monitoring on affected card, and assured customers that they are not liable for any fraudulent charges.

Breaking It Down

Here is the key to the above article. AmEx knew of the  breach on March 25th. Today is June 5th! African-American AmEx card holders are asking why the long wait?  Any AmEx card holder would have wanted to know a little sooner. Am I right? The problem is that they are not obligated by any effective law requiring them to tell you any sooner. Yeah, there are plenty of states that have data breach laws but who’s laws apply here? AmEx is a global company.

We need more stringent data breach laws and more data breach lawsuits to put an end to this. Right now there is no financial or judicial punishment when these things happen. Companies fear very little after a data breach. Except maybe losing sales or customers. That’s no small thing at all but there needd to be enforceable laws to stop this…NOW!

Let me explain something to you. AmEx is a global, multi-billion dollar company. If a customer discovers fraudulent charges on their card AmEX is willing to spend a few hundred or few thousand or a few hundreds of thousands of dollars to fix the problem. In other words they look at it as the cost of doing business. A crook would say “Don’t do the crime if you can’t do the time.” So as long as companies feel that way they are not scared of these data breaches or the consequences. They just pay the price and keep it moving.

Now, if Anonymous Ukraine is telling the truth about the 800 million records they say they have then who is responsible for that loss? When are we gonna see these financial executives sitting in in front of Congress explaining that? They demanded answer from the automobile executives, cigarette companies, even the IRS. So how about these big financial companies?See the government is not acting so there is little these companies fear.  Another question also comes to mind, if they have 800 million records who is not included on that list?

Was There a Data Breach at California DMV?

CA DMVBanks in California recently received notice from MasterCard that credit card data used previously for California DMV online services had been breached. MasterCard did not say who was breached but did state that the organization experienced a breach commonly known in the financial industry as “card-not-present”. This means that  the transactions occurred online. MasterCard also included a date range in its report that stretched from August 2nd 2013 to January 31, 2014 and the data stolen included the card numbers, the expiration date and three digit security code normally found on the back of the card. Five different financial institutions admitted receiving the alert notification and all had the notation “STATE OF CALIFORNIA DMV INT”. Visa card services has not sent out an alert and declined comment. Law enforcement officials also believe American Express cards may have also been breached.  American Express notified California DMV of suspicious activity in January but have not labeled it fraud. In addition to California law enforcement agencies the U.S. Secret Service is also investigating the breach.

California DMV officials stated there was “NO” evidence of a direct breach of their systems. “However, out of an abundance of caution and in the interest of protecting the sensitive information of California drivers, the DMV has opened an investigation into any potential security breach in conjunction with state and federal law enforcement.”

“In its investigation, the department is performing a forensic review of its systems and seeking information regarding any potential breach from both the external vendor that processes the DMV’s credit card transactions and the credit card companies themselves.”

California DMV credit card transactions are processed by a Elevon, a subsidiary of US Bancorp.  The company has neither confirmed nor denied MasterCard’s reports of a breach.

It is not clear how many people are possibly affected if a breach has in fact occurred. However Krebsonsecurity.com reported 11.9 million transactions were conducted on California DMV’s website in 2012.

Breaking It Down

Black people are not interested in mysteries. Did a breach actually happen or not? Be up front about this. Don’t play games! Nobody wants to admit to anything. California says there is no evidence. US Bancorp, owner of Elevon, who processes credit card transactions for DMV say there is no evidence. No one knows how many credit cards were compromised. We keep hearing;  “we are investigating.” The bottom line is that card holders, black or whatever color, don’t matter. The law is on the side of the banks and card processors. They don’t have to come clean right away about what happened and in the mean time your credit card information could be floating around the Internet waiting to be used by a crook. When these incidents happen companies should be obligated, by law, to reveal all they know as soon as they know it to protect the consumer. All too often these big corporations play games until the have the perfectly worded press release to clear them of blame. But the real culprit are lawmakers. They can’t seem to pass a law that protects consumers. So now there are fifty different laws in fifty different states that apply to data breaches. And if a company does business across state lines then what law are they obliged to obey? So who was breached? Was it the state of California or Elevon? Wouldn’t you like to know? Was my credit card compromised? What about my driver’s license number, my personal information or social security  number? All this information is in the California DMV computers. So the question remains; Was there a data breach at California DMV or not?