This is Part One of a three-part series on debit/credit card fraud.
WESTFIELD – It’s never a g
ood feeling to receive a letter in the mail from one’s bank stating: “MasterCard International has informed us that your debit card ending in . . . may have been compromised due to a security breach of information that occurred at a merchant with whom you’ve used your card with in the past.”
The letter, dated August 18, indicates that United Bank is sending customers, who may have been impacted by the potential breach, new cards and that customers’ current debit cards will be canceled at the end of the business day on September 2.
According to an assistant manager at one of United Bank’s branches, the breach involved various banks, not just United Bank, approximately 1,200 customers were affected and this breach has not been in the news.
Dena M. Hall, regional president and chief marketing officer of United Bank, said she could not confirm the number of customers involved, but that United Bank had been notified by MasterCard.
MasterCard did not identify the merchant(s) implicated in the possible breach, so United Bank did not have this information.
Westfield Police Capt. Michael McCabe said that unless a cardholder is actually victimized, not simply at risk, then the person is not privy to knowing the merchant’s name. Hall said that Mastercard doesn’t even have to identify the merchants to financial institutions.
“There is no specific incident that I’m aware of,” MasterCard spokesman Seth Eisen said. “The letter said MAY,” indicating that nothing may have happened.
The alert received from MasterCard was dated August 4 saying that a suspected breach occurred between November 1, 2014 and June 28, 2015, said Hall. She was surprised at the dates and didn’t know why MasterCard hadn’t issued an alert sooner.
Hall said she isn’t aware of a single incident of fraud that could be tied specifically to this alert.
In the MasterCard alert, the event is described as involving a “United States merchant’s network” according to Hall, and that a data security firm is engaged in an onsite investigation. “Network” in this context refers to network lines, so it doesn’t mean this necessarily involved online purchases.
MasterCard has a zero liability policy, Eisen said, meaning that a customer would not be held responsible for unauthorized purchases.
Customers should routinely check statements online or check their monthly statements carefully. If they see suspicious purchases, they should call the number on the back of their debit/credit card and tell the bank that it isn’t their purchase.
The bank will issue a refund, according to Eisen, who added, “It is not a lengthy period of time,” to get the refund.
The United Bank assistant manager said it could take up to ten days.
The safest thing to do if there is a breach or suspicious activity is to cancel your current card and get a card reissued with a new account number, according to privacyrights.org, a California-based nonprofit that helps “engage, educate and empower individuals to protect their privacy.”
If there is a potential breach, “above all, don’t panic. A security breach does not necessarily mean that you will become a victim of identity theft,” according to privacyrights.org.
Hall said there is a spike in fraud right now because when the EMV cards are issued in October, the cards that fraudsters are currently using will be outdated.
“EMV is an abbreviation for Europay, Mastercard and Visa, the three organizations that developed the initial specifications,” according to emv-connection.com.
“EMV chip cards contain embedded microprocessors that provide strong transaction security features and other application capabilities not possible with traditional magnetic stripe cards,” as stated on the EMV Connection’s website.
“When the EMV cards are in place, it will be a lot harder to conduct fraud on your behalf,” Hall said.
Part Two in this series will look at debit/credit card fraud in general and Part Three will examine the new EMV cards.
Staff Writer Christine Charnosky can be reached at [email protected]
