Credit Card Issuer Discloses Retail Data Breach

Share this article:
The day after an April 13 Senate Judiciary Committee hearing on data security, the North American division of British credit card company HSBC PLC sent letters to 180,000 cardholders to inform them that their personal data may have been accessed via transactional data of a U.S. retailer, according to a report in yesterday's Wall Street Journal.


The Journal identified the retailer as Polo Ralph Lauren Corp., though it said the company declined to comment and HSBC would not discuss specifics.


HSBC told the paper that the consumers who may be affected by the breach hold a General Motors-branded MasterCard and that the letters were sent last week.


MasterCard and Visa acknowledged that they were aware of the breach, had notified the banks that issue their cards and that cardholders were protected from fraudulent charges to their accounts.


The news follows the March 8 revelation that Retail Ventures Inc. subsidiary DSW Shoe Warehouse suffered a data theft affecting 103 of its 175 U.S. stores. The number of consumers affected was not revealed, but stolen data included credit card information and purchase data.


Bank of America confirmed Feb. 25 that some of its computer data tapes containing personal and account information for 1.2 million federal government charge card program customers were lost during shipment to a backup data center.


The latest incident likely will strengthen legislators' resolve to pass new federal data protection regulation this year.


This week alone, Sens. Charles Schumer, D-NY, and Bill Nelson, D-FL, introduced an identity theft prevention bill that would create a Federal Trade Commission office of identity theft and require data providers to register with the FTC. Other provisions would institute safeguards to prevent fraudulent access to data and give consumers access and the option to fix errors.


The legislation also would mandate notice of third-party data disclosure and notification of data breaches. Provisions related to Social Security numbers would prohibit companies from asking for the numbers unless necessary for a transaction; prohibit display of Social Security numbers on employee IDs; ban the sale and purchase of the numbers except for law enforcement, national security and fraud purposes; and grant the attorney general the ability to define exemptions.


Also this week, Sen. Dianne Feinstein, D-CA, offered a revised version of the Notification of Risk to Personal Data Act that she first introduced Jan. 24. The original bill required mandatory notification when sensitive data are breached. The revision adds provisions to close loopholes that exempt encrypted data and specify the contents of the notices.


The flurry of legislation began when data providers ChoicePoint and LexisNexis suffered high-profile data breaches.


Kristen Bremner covers list news, insert media, privacy and fundraising for DM News and DMNews.com. To keep up with the latest developments in these areas, subscribe to our daily and weekly e-mail newsletters by visiting www.dmnews.com/newsletters


Share this article:
You must be a registered member of Direct Marketing News to post a comment.
close

Next Article in Multichannel Marketing

Sign up to our newsletters

Follow us on Twitter @dmnews

Latest Jobs:

More in Multichannel Marketing

Pet World's Multichannel Marketing Is a Whole Other Animal

Pet World's Multichannel Marketing Is a Whole Other ...

The family owned pet store redesigns its website to bring the in-store experience online.

Complexity's What Marketers Got, Simplicity's What They Want

Complexity's What Marketers Got, Simplicity's What They Want

Customer insights managers want campaign management tools to remain easy to use, even as they up their games with multi-layered campaigns.

Wine.com Uncorks New Digital Marketing Opportunities

Wine.com Uncorks New Digital Marketing Opportunities

The online wine retailer's strategy incorporates different flavors and depths.

Copyright © 2014 Haymarket Media, Inc. All Rights Reserved
This material may not be published, broadcast, rewritten or redistributed in any form without prior authorization.
Your use of this website constitutes acceptance of Haymarket Media's Privacy Policy and Terms & Conditions.