The Seattle Times Company

NWjobs | NWautos | NWhomes | NWsource | Free Classifieds |

Business / Technology

Our network sites | Advanced

Originally published Wednesday, June 29, 2005 at 12:00 AM

E-mail E-mail article      Print Print      Share Share

States demand cardholders get notice of security breach

A group of 44 state attorneys general demanded yesterday that CardSystems Solutions immediately notify all consumers affected by the security...

Seattle Times business reporter

A group of 44 state attorneys general demanded yesterday that CardSystems Solutions immediately notify all consumers affected by the security breach that exposed roughly 40 million accounts handled by the credit-card processor.

Considered among the largest card security breaches ever, the theft of data last month from CardSystems' Tucson, Ariz., operations center has yet to be fully explained.

The letter asks that Atlanta-based CardSystems explain the breach, outline steps it is taking to mitigate consumer injury and offer a plan to ensure it does not happen again.

"We call upon your company to do the responsible thing and notify all affected consumers immediately," the letter said.

Some Seattle cardholders began receiving letters last week from banks and credit unions that had learned which of their customers were affected. The banks got the information through Visa and MasterCard, which apparently obtained it from CardSystems.

But it is unclear whether all financial institutions plan to tell customers if their credit-card information was exposed.

A Bank of America spokeswoman last week declined to say whether in this case the bank is going beyond its usual fraud-monitoring procedures, which include contacting cardholders if it sees the potential for misuse.

Washington Attorney General Rob McKenna's office said it is CardSystems' job to inform customers.

"We're trying to find out if they have the capability to contact all the consumers directly, but we believe it's their responsibility to do so," said spokeswoman Janelle Guthrie.

McKenna proposed and wrote the letter. It was signed by attorneys general of 43 other states, the District of Columbia, American Samoa, the Northern Mariana Islands and Puerto Rico.

The letter also asks CardSystems to disclose how many consumers in each state were affected, and gives the company a deadline of July 25 to respond.

McKenna's office sent CardSystems a less strongly worded letter early last week, Guthrie said.


"The previous letter gave them the benefit of the doubt that they might already have been contacting people," she said.

That letter gave CardSystems a deadline of tomorrow. The attorney general's office had not heard from the company as of yesterday afternoon.

McKenna also sent letters last week to MasterCard and Visa asking how the security breach came to light and what steps they are taking to mitigate consumer injury, including any efforts to notify Washington cardholders of the breach.

Melissa Allison: 206-464-3312 or

E-mail E-mail article      Print Print      Share Share

More Business & Technology

UPDATE - 09:46 AM
Exxon Mobil wins ruling in Alaska oil spill case

UPDATE - 09:32 AM
Bank stocks push indexes higher; oil prices dip

UPDATE - 08:04 AM
Ford CEO Mulally gets $56.5M in stock award

UPDATE - 07:54 AM
Underwater mortgages rise as home prices fall

NEW - 09:43 AM
Warner Bros. to offer movie rentals on Facebook

More Business & Technology headlines...

Get home delivery today!



AP Video

Entertainment | Top Video | World | Offbeat Video | Sci-Tech