(Serves them right.......rf)
CardSystems says it faces 'imminent extinction' By Reuters http://news.com.com/CardSystems+says+it+faces+imminent+extinction/2100-1029_ 3-5799637.html Story last modified Fri Jul 22 05:44:00 PDT 2005 U.S. payment-processing company CardSystems Solutions said Thursday it faces "imminent extinction" after revealing last month a massive credit card data security breach. The privately held payment processor for more than 100,000 merchants, CardSystems last month said that details of 40 million cards--names, account numbers and expiration dates--had been exposed to possible misuse. The FBI is investigating. CardSystems said at a congressional hearing into the matter that it knows specifically of information being removed from its databases for 239,000 separate card accounts. Credit card giant Visa USA said this week it was cutting off CardSystems as a Visa network participant due to the data breach, apparently the largest ever of its kind. "With that staring us in the face, it certainly means we would go out of business because, if you can't process with a major brand such as Visa, you can't process at all," CardSystems Chief Executive John Perry told Reuters. In an interview during a break in the hearing, Perry said Tucson, Ariz.-based CardSystems "did the right thing" by reporting the data breach as soon as it became apparent. Visa said it terminated CardSystems after discovering the processor had improperly stored certain customer information in its databases in violation of a prior security agreement--an action that Visa said it "cannot overlook." "We were in error by keeping that data," Perry said at the hearing when asked about the matter by a lawmaker. The CardSystems data breach has drawn increased attention to the card security issue. In Congress at least nine bills are circulating, including three in the House Financial Services Committee, which held the hearing. "We have a very, very serious problem here," said Illinois Democratic Rep. Luis Gutierrez at the hearing. Dozens of data breaches similar to the CardSystems problem have come to light this year, due in large part to a California state law requiring businesses to disclose such incidents. Some businesses and consumer groups have urged the Republican-controlled Congress to pass a national version of the California notification law. A bill under development in the Senate would require U.S. businesses to make data-security breaches public, with those failing to do so facing possible criminal prosecution. In February, data mining company ChoicePoint said thieves had gained access to a database of consumer profiles. Data broker LexisNexis in March disclosed a similar breach of personal profiles. Bank of America and Retail Ventures have also recently reported lost or stolen personal data on customers. CardSystems CEO Perry said card issuers have adequate penalties for violations such as the one that happened at his company. He called outright network expulsion "unprecedented." "We know of no other processor this has ever happened to," he said, adding there may be further discussions with Visa. American Express said this week it planned to end its relationship with CardSystems. MasterCard International has said it is giving CardSystems until Aug. 31 to come into compliance with security rules. Story Copyright © 2005 Reuters Limited. All rights reserved. You are a subscribed member of the infowarrior list. Visit www.infowarrior.org for list information or to unsubscribe. This message may be redistributed freely in its entirety. Any and all copyrights appearing in list messages are maintained by their respective owners.
