For immediate release - Wednesday, June 29, 2005.
Contact Bob Brammer - 515-281-6699.
AGs ask CardSystems Inc. to Explain Data Breach and
Attorney General Tom Miller and colleagues from a total of 48 states and territories are asking CardSystems, Inc., to
notify consumers in their states if they are affected by a security breach that potentially compromised tens of millions of
credit card accounts.
CardSystems is an Atlanta-based processor of credit card payments for banks and merchants. Reports last week
indicated that hackers installed a rogue computer program that extracted data, potentially compromising as many as 22
million Visa-branded cards and 14 million MasterCard-branded cards, as well as others.
According to news reports, records on about 200,000 credit cards may have been stolen, but not birth dates or Social
"We constantly advise consumers to guard their personal information," Miller said. "It should go without saying that
companies have a crucial duty to employ the strongest level of security when they are entrusted with people's financial
information. The data breaches we've seen lately are very troubling, and they are unacceptable."
"We call upon your company
to do the responsible thing and notify all affected consumers immediately,"
the Attorneys General wrote in a letter
sent yesterday to CardSystems, Inc. The letter also asked for an explanation
of how the breach occurred, how many consumers are affected in the states,
what steps the company is taking to mitigate consumer injury (including
efforts to notify consumers), and what plans CardSystems has to prevent
recurrence of such a security breach.
Miller said his office will consider proposing state legislation next year that would require a company to notify
consumers if it permitted disclosure of their non-public personal information.
In the CardSystems matter, the primary threat appeared to be the possibility of unauthorized charges on some people's
accounts, and a lesser threat of identity theft.
Miller said Consumers should always follow these tips, especially in case of security lapses:
- Examine credit
card and bank account statements every month.
- Dispute any unauthorized
charges. Call the credit card company immediately, and send a letter
disputing the charge. (Keep a copy for your records.)
- Do not pay the
disputed amount when you pay your bill. (Include a note or a copy of
your letter to explain why you are withholding part of the payment.)
- Cancel the credit
card and get a replacement with a new account number.
- Get FREE copies
of your credit reports. One copy per year is available at no charge
from each of the three major credit reporting bureaus. Go to www.annualcreditreport.com,
or call toll-free to 1-877-322-8228.
For more information on preventing identity theft, obtaining free credit reports, and other consumer tips, go to
www.IowaAttorneyGeneral.org (click on "protecting consumers.")
The Federal Trade Commission's
Identity Theft web site is: www.consumer.gov/idtheft/
The FTC's I.D. Theft Hotline is 1-877-ID-THEFT (877-438-4338.)
Click here for a copy
of the letter sent
April 28 to CardSystems by the attorneys general.
Attorney General Home | News Release Home
© 2000 THE STATE OF IOWA. ALL RIGHTS RESERVED.