[ISN] OfficeMax: No evidence of security breach

InfoSec News isn at c4i.org
Wed Mar 15 03:22:12 EST 2006


By Greg Sandoval 
Staff Writer, CNET News.com
March 14, 2006

Following an extensive review of its security systems, OfficeMax says
it has no reason to believe it was the company that suffered the data
breach that resulted in thousands of cases of debit card fraud.

On Tuesday, the office-supply chain said that an independent study by
a security expert found no indication that the company's customer
information was lost. An internal investigation came to the same

"OfficeMax takes the security of our customers' information with the
utmost seriousness and is committed to protecting private customer
information," the company said in a statement. "As we have stated
consistently, we have no knowledge of a security breach at OfficeMax."

But the company wouldn't explain why it was still involved in the
investigation into the debit card thefts.

"OfficeMax continues to work with the United States Secret Service and
other federal law enforcement agencies in their investigation of ATM
fraud," the company said.

Debit card holders from San Francisco to Pittsburgh to Boston have
reported cash was seized from their accounts via fraudulent
withdrawals. Visa and MasterCard have said a merchant had suffered a
data theft but wouldn't identify the company.

During the past two weeks, law enforcement officials have noted that
their investigations revealed that many of the fraud victims were
OfficeMax shoppers.

On Monday, Hudson County Prosecutor Edward DeFazio said his office had
arrested 14 people in connection with the nationwide crime wave
involving debit cards. In an interview with CNET News.com, DeFazio
identified OfficeMax as among the victims of data theft. He said other
companies were also ripped off.

OfficeMax has said it has "not received information from any third
party concluding" that it suffered a breach.

Copyright ©1995-2006 CNET Networks, Inc. All rights reserved.

More information about the ISN mailing list