Neiman Marcus and Other Retailers Breached, Credit Card Details Stolen 151
Fnord666 writes "Another day, another data breach. Apparently high end retailer Neiman Marcus has also suffered a breach of credit card data. Brian Krebs has the report: 'Responding to inquiries about a possible data breach involving customer credit and debit card information, upscale retailer Neiman Marcus acknowledged today that it is working with the U.S. Secret Service to investigate a hacker break-in that has exposed an unknown number of customer cards. Earlier this week, I began hearing from sources in the financial industry about an increasing number of fraudulent credit and debit card charges that were being traced to cards that had been very recently used at brick-and-mortar stores run by the Dallas, Texas based high-end retail chain. Sources said that while it appears the fraud on those stolen cards was perpetrated at a variety of other stores, the common point of purchase among the compromised cards was Neiman Marcus. Today, I reached out to Neiman Marcus and received confirmation that the company is in fact investigating a breach that was uncovered in mid-December.'"
The Chicago Tribune reports that "at least three other well-known U.S. retailers" suffered breaches this holiday season as well.
Time to overhaul the Credit Card system in the US. (Score:5, Interesting)
Re:Good thing Visa takes the risk... (Score:2, Interesting)
What you don't see is the money that VISA charges the company you buy from. which in turn that company charges you. And since all companies need to support VISA (because of the duopoly of VISA and MC), it's pretty hard to change. And you don't even know it because said company is not allowed to discuss that.
Re:Good thing Visa takes the risk... (Score:4, Interesting)
What you don't see is the money that VISA charges the company you buy from.
I'm fully aware of the money the CC charges the retailer. That's not my problem, that one of the costs of doing business.
which in turn that company charges you.
The cash price would be no lower, and even without the CC tax, most businesses will charge as much as they can anyway.
.And since all companies need to support VISA (because of the duopoly of VISA and MC), it's pretty hard to change. And you don't even know it because said company is not allowed to discuss that.
First, companies certainly do not have to accept CREDIT cards. Secondly, retailers bitch moan and complain all the time about CC fees, they certainly can and do "discuss" it with customers many times.
Accepting CC is a convenience for BOTH the customer AND the retailer. And since they build the CC fee into the price which they charge even CASH customers, retailers are in no position to make a stink. They are not obligated to sell their product to me, they can switch to a cash / debit card only business if they so choose. As it happens, it benefits them to accept CREDIT cards, and so they do.
Re:Time to overhaul the Credit Card system in the (Score:4, Interesting)
The "fix" is to hold the breaches responsible for every fraudulent charge and re-issued card.
Not just the card itself, the bank's time and to send a letter, reissue all the cards, mail them.
And then, I read earlier today, 140 million Americans are affected by the Target breach. Each of them with a current card that's getting cancelled has to go set up new automatic payments on their various autopay services, etc.
Target should be giving them a concession, say $100 or so per person for all the time they'll waste.
Now then, given acutal liability for their actions, Target would never assume such risk without getting an insurance policy to cover it. And the insurance company would have a squad of auditors in their IT center to scour the thing before they issued the policy.
In the end, we'd wind up with the secure solution we're actual looking for. So the actual problem here is that corporations aren't held responsible for their negligence. Which is exactly why they form these big corporations in the first place.
Re:Good thing Visa takes the risk... (Score:4, Interesting)
What kind of "problem" would that be? If your father is not providing adequate customer service such that customers seek redress from their credit card company, maybe the problem isn't the credit card?
Do I have to spell it out for you? "Credit card owner called and they do not recognize the charge because their card was stolen" qualifies as a charge-back problem. And because the items are sent within a day or two, it will often happen after the purchase has already been sent.
The point is -- just because you, as a consumer, do not have to pay the costs of stolen credit cards, do not assume that a faceless credit-card corporation will eat these costs. In reality, it will not.
Re:Good thing Visa takes the risk... (Score:4, Interesting)
a couple things. Handling cash costs retailers money too. Might not impact smaller ones as much but box stores and like it makes a difference. Cash transactions take longer, so they need more checkers, it takes longer to get cash to the bank do they lose interest. Assistant managers often still hourly have to count it, and they usually need an armored car service to come pick it up, and it increases theft risks.
For bigger retailers the swipe fees can be a bargain. It's been proven over and over again customers spend more when they don't have to think about how much cash they have on them too. As an individual I like the fees too, I can track what I spend on my card so I never pay any interest, yet I still get the cash back awards and points which part of the swipe fee pay for.
As the merchant agreements usually force places not to discount cash, it's like a tax I get to charge. As others have pointed out the cards provide useful consumer protections as well.
Everybody wins except the folks who can't keeps and track receipts and get surprised with a bill they can't afford at months end or the folks who have messed up so bad they can't get a card
Re:Time to overhaul the Credit Card system in the (Score:4, Interesting)
No, you missed the latest fun with target...
They lied..
The cards stolen weren't by someone intercepting CC numbers when used, They kept EVERYTHING in a linked database that was stolen. Name, address, phone number, multiple CC numbers etc. (they haven't said a db, but they said a source containing historic information. Maybe it was a flat file, but I'd hope not)
The fact they lied repeatedly and that they kept this info makes it a LOT worse than the Sony breach in my mind.
They should be very liable.