Last week, a security exploit at CardSystems Solutions, Inc, a credit card processor, may have allowed thieves to obtain as many as 40 million credit card numbers from unsuspecting victims. The theft was brought about though a virus introduced into the CardSystems that allowed external hackers to obtain access to the account information. Adding to the problem was the fact that CardSystems wasn’t supposed to have the account information at all. It appears that CardSystems “inappropriately” held onto the information after clearing the credit card transactions. At that point, the account information should have been deleted. CardSystems held onto the account information for supposed “research purposes.” Fortunately for those involved, the compromised information only included account numbers and not Social Security numbers, which would have assisted the thieves in identity theft scams. This latest security breach at a credit card processor outlines how anyone can be vulnerable to account or even identity theft. Is there anything that can be done about it?
The credit card companies largely dictate the relationships between the credit card companies and the credit card processors. They are supposed to keep tabs on the processors and make sure that the processors use secure measures to protect the data of customers. These issues are not governed by law, but the processors can be fined by the credit card companies for violations. So what can the average credit card customer do to make sure that their account information isn’t compromised? Not much, it would appear. The paper transaction has long since been replaced almost universally by the electronic one, and anytime a customer uses a credit card, their account information is moved from one computer to another. Hackers continue to develop more sophisticated methods of stealing information, and their techniques are often ahead of the processing companies’ ability to develop comparable security measures. For the foreseeable future, credit card customers must consider that their accounts are vulnerable.
In time, the credit card companies and their associated processors will establish security guidelines that are more effective than the ones that are currently in place. In the meantime, the best thing cardholders can do is to simply minimize their exposure. The best way to do this is to have as few credit card accounts as possible and to use them sparingly. Granted, it is often difficult to avoid using credit cards, but there are times when people simply pull them out of the wallet out of habit when using a check or cash would suffice. This may sound inconvenient, but at the moment, the only way to make certain that your account numbers are safe is to avoid using them when possible.