What's going on here then?
Police Minister Urges Consumers To Look Out For Credit Card Fraud
“There are potentially thousands of customers across all the major banks whose details have potentially ended up in the hands of criminals.
— Media Release from David Campbell MP, Police Minister Urges Consumers To Look Out For Credit Card Fraud, 28th March, 2008
The New South Wales Police Minister David Campbell says the credit card details of thousands of bank customers may have fallen into criminal hands.
— ABC Radio, 702 Sydney, 28th March, 2008
Re NSW Police Minister's media release re fraud…
"It is the Australian Bankers’ Association’s (ABA) understanding that there was no industry-wide incident which would have required broad public communication."
— Email from David Bell (Chief Executive, ABA) to Media Watch
Somebody told someone? But who really tells who?
Visa and MasterCard have stipulated in their contracts with retailers that they will not divulge who the source is when a data breach occurs. Way to go - damage your brand reputation instead of the at-fault customer! Who thought up that one? Surely not the
USA: Under the terms of the new
Cyber-Security Enhancement and Consumer Data Protection Act of 2006 (PDF) (H.R. 5318), failure to disclose information about the infiltration of electronic databases containing information [within 2 weeks] on at least 10,000 people or information on federal
employees can lead to harsh punishments including prison.
UK: Notification: IOC - We will continue to ensure that the burden placed on organisations
by the notification requirement is kept proportionate to its purpose. In pursuing
cases of non notification we will be guided both by data protection risk and by the
need to ensure consistent application of the law. [do nothing:
Yes Minister - after all we have to ensure continued confidence in the financial system, at least until after the election.]
FSA are dishing out a few fines but does that achieve security?
Australia: there are no laws to mandate reporting of data breaches.
EU: much is being said and I'll discuss the all important PRIME directive in forthcoming articles.
Two things that don't think really help are losers keeping breaches secret from the victims and Police Ministers crying wolf.