http://www.consumeraffairs.com/news04/2006/03/citibank_cards.html
http://www.consumeraffairs.com/news04/2006/03/worst_hack.html
It's a mystery that's better suited for a schlocky Hollywood thriller starring Harrison Ford, but it's all too real — the stealthy cancellation of thousands of debit cards from various banks, due to a data breach involving a still-unidentified "third party retailer."
Avivah Litan, security analyst for the Gartner research firm, has called the data breach the "worst hack ever," saying it represented a new and dangerous frontier for identity fraud: the mass theft of personal identification numbers (PINs) used to authorize debit card transactions.
Not worst
Sheesh. Just data thievery. What's the big deal?
Re: Not worst
Well, it has the potential of being worse than the CardSystems breach if it actually exposes PIN codes. As you may know, PIN based transactions are held to an entirely different fraud standard than credit card based ones, even if using the card as a credit card would have given them to you. Since PIN based transactions cannot be done online, this indicates that someone is definitely storing customer PINs, or they are traversing the network unencrypted somewhere, or there truly is a class break in the ATM infrastructure. Not good either way.