ERIC PARKE and ROYAL SLEEP
CLEARANCE CENTER, INC., a California
corporation, On Behalf Of Themselves, All
Others Similarly Situated, and in the Interest of
the General Public of the State of California,
CARDSYSTEMS SOLUTIONS, INC., a
corporation; MERRICK BANK
CORPORATION, a corporation; VISA
ASSOCIATION, a corporation; VISA U.S.A.
INC., a corporation; MASTERCARD
INTERNATIONAL INCORPORATED, a
corporation; and DOES 1-200, inclusive,
A class-action suit has been filed in California against CardSystems, Visa, and MasterCard seeking a declaration that CardSystems violated due standards of care in its data-security methods and that the card companies failed to provide timely notice of the nature and extent to which credit-card data was compromised.
According to the lawsuit, CardSystems had been alerted "by other entities" late last year that consumer data had been exposed and failed to take prompt remedial action or notify consumers. The suit alleges that CardSystems violated Visa and MasterCard rules against storing consumer information and also violated the Payment Card Industry Data Security standard by improperly storing credit-card and transaction data, failing to maintain a firewall, failing to restrict access to its computers, and failing to encrypt cardholder data.
The suit charges that MasterCard was remiss in not publicly disclosing the breach until June 17, even though it had been informed by CardSystems of the breach in May and had traced fraudulent incidents back to CardSystems in April.
The legal and regulatory motions are moving towards even more controls to see that banking and other personal information is protected properly. A national law is in the works in the US to try and stem the tide of the ID Theft tidal wave. Who is going to pay for all of this added security and regulation? The consumer is.
The insider case at Bank of America, Wachovia and two other banks -- involving a far smaller number of accounts than the hackers' assault on CardSystems Solutions -- could prove to be far worse for consumers, said Avivah Litan, an analyst with Stamford, Conn.-based Gartner Inc., an information technology research firm.
``It may not be bigger, but that stuff is a lot more dangerous,'' Litan said. ``These are people who have access to a lot more personal information, so it's very serious.''
Wachovia and Bank of America were forced to alert more than 100,000 customers in May after police in New Jersey charged nine people, including seven bank workers, in a plot to steal financial records of thousands of bank customers.
Why try and rob banks or hijack armored car's when you can sell someone's ID and Account Info for $10.00 X 100,000? What we are experiencing is a "Breakpoint" in the system. A point at which all of the rules change. What are the new rules for success going to be moving past this turning point?
At Breakpoint, the rule change is so dramatic that continuing to use the old rules will not work any longer. We have reached a "Breakpoint"!