[ISN] Bank of America cancels numerous debit cards

InfoSec News isn at c4i.org
Fri Feb 10 02:07:44 EST 2006


By Greg Sandoval 
Staff Writer, CNET News.com
February 9, 2006

A security breach involving an undisclosed company has prompted Bank
of America to cancel the debit cards of numerous customers, a
spokesman for the country's largest bank said Tuesday.

Bank of America refused to release the name of the company involved,
the exact number of customers affected, or whether the company in
question was online or a traditional brick-and-mortar establishment.

The case is unusual in that debit cards appeared to be at risk. Credit
cards are typically involved in security breaches at financial
institutions because they are used more often than debit cards for
retail transactions.

"These are intricate matters...and may involve information that is not
exactly clear and concise," said Michael Chee, the bank's spokesman.  
"It would be premature to discuss any third parties until an
investigation is conducted."

Chee said that to this point, there is no evidence that any of its
customer accounts have been compromised. The move to cancel debit
cards was a precaution, he said.

An investigation is under way, Chee said, but added that he was
unaware of what law enforcement agency was overseeing it.

Bank of America issued letters to many customers notifying them of the
breach and that their debit cards were no longer good. The bank is
also telling customers to watch out for any unauthorized transactions
on their statements.

"As a proactive security-minded effort, we may take steps to replace
people's cards," Chee said. "We know this can represent a minor
inconvenience. The question is, would we rather risk inconveniencing
customers and protect their information and accounts or do we just do

More information about the ISN mailing list