Re: Subcontractor for the Disney Movie Club was caught selling customer credit card numbers

Thus spake "Scalemaster34" <scalemaster34@xxxxxxxxxxxxxxxxxxx> :

Why oh why do people do the things they do....?

The Texas AG just sued Lifetime Fitness. Seems that an investigator,
after receiving complaints, found customer information in dumpsters
behind four gyms. And six more are also being investigated.




http://www.pcworld.com/article/id,134790-c,cybercrime/article.html

A subcontractor working for a company that processes and fulfills orders for
the Disney Movie Club sold credit card numbers and other account information
belonging to an unknown number of customers to undercover law enforcement
agents.

The May 2007 incident has prompted Disney to send out letters to an
unspecified number of customers informing them about the breach.

Disney did not respond to requests for comment about the incident. But Brad
Van Duser, an Atlanta-based customer of the company's movie club, received
the letter and made it available to Computerworld. The letter is dated July
6 and signed by John Flynn, vice president of online digital and directing
marketing for Buena Vista Home Entertainment, a division of The Walt Disney
Co.

In it, Flynn said the incident involved an employee at Alta Resources Inc.,
a Neenah, Wis.-based outsourcer working for Disney. According to Flynn, the
employee sold credit card information including names, addresses, credit
card numbers and expiration dates to law enforcement authorities in an
undercover sting operation. Flynn said Disney had been assured that card
security codes, such as the CVV code, had not been compromised in the
incident.

"Law enforcement officials have informed us that there is no indication that
your information was used to make improper purchases or sold to anyone other
than federal law enforcement agents," Flynn said in his letter.
"Nevertheless, in an abundance of caution, we have informed representatives
of Visa, MasterCard, American Express and Discover of these events."

The letter urged recipients to contact the financial institutions that
issued their credit cards if they had any questions regarding their
accounts. But it did not mention any free credit monitoring services, an
option many companies have offered in similar situations.

Van Duser said he was surprised by the incident. "As a customer, what
surprised me the most was that even after all of the security breaches
reported in the news recently that a large, reputable company like Disney
had not taken steps to thoroughly protect my credit card information," he
said in an e-mail. "And then when the breach occurred, they didn't offer a
credit monitoring or other service."

The Disney incident is the latest in a seemingly endless stream of breaches
being disclosed by major companies this summer. Just this week it was
disclosed that Kingston Technologies Inc., a maker of computer memory
technologies, sent out letters to about 27,000 customers in connection with
a September 2005 data breach that the company did not discover until
recently. Western Union made a similar disclosure, announcing that it was
notifying about 20,000 customers of a potential compromise of their personal
data following the discovery of a database intrusion.

Such incidents have heightened consumer concerns and pushed several states
to consider or enact laws requiring retailers and other entities handling
credit card data to implement safeguards for protecting the data. One of the
most closely watched of these laws is California's proposed AB 779
legislation, which would require breached entities such as Disney to
disclose more details about security breaches, including a description of
the categories of personal data that might have been compromised. In
addition, the law would also hold breached entities financially liable for
the costs incurred by banks and credit unions to notify customers of a
breach and to subsequently block and reissue cards.

--
dillon

Broadway Photo sucks. Ask me why.
.

Relevant Pages

  • Subcontractor for the Disney Movie Club was caught selling customer credit card numbers
    ... the Disney Movie Club sold credit card numbers and other account information ... unspecified number of customers informing them about the breach. ... Disney did not respond to requests for comment about the incident. ...
    (rec.arts.disney.parks)
  • OT (Trimobia): Dark and Nefarious Doings
    ... secret, unmarked Disney offices. ... mean plan--to maximize RIO in our dining facilities. ... customers' experience and maximize the bottom line. ... · Only guests at Disney resorts will be able to make Advanced Dining ...
    (rec.arts.disney.parks)
  • Re: Another Bad Experience at PC World
    ... he wanted confirmation of my home address - I had my credit card ... he said that in that case I couldn't have the laptop. ... computer then decided that my card was not suitable to make a purchase. ... the worst), little interest in helpiong customers, etc. ...
    (uk.comp.vendors)
  • Re: No wonder fraud is on the increase
    ... Even the overview at the beginning makes this clear "Banks must prove the authenticity of their customers' handwritten instructions if challenged, but for telephone and online banking some banks are adopting terms which could make customers liable for transactions they have not authorised. ... The OP stated that a friend had been the victim of a "bank fraud" when credit card details were misused and goods were obtained by someone else. ... The fraud is actually committed upon the retailer, who is the one induced by a deception to despatch goods to someone else. ... Neither the bank nor the credit card holder have parted with any property, so nothing has been "obtained" from them and therefore no offence is committed against them by the original perpetrator. ...
    (uk.finance)
  • Re: Credit Card Companies That Plan on Finding New Ways to Rip-Off Consumer Should Remember Ther
    ... credit card companies will undoubtedly be looking for new ... estimate that more than one-fifth of Wal-Mart's customers have no bank ... "Wal-Mart National Bank" could bring these ... credit cards and mortgage loans. ...
    (soc.retirement)