Major Security Breach?

I’m a big fan of the American Airlines AAdvantage program, and I have both the company credit cards and my personal credit card with CitiBank in order to earn miles.

Recently, I received notice that both my business account and my personal accounts were being closed, and that Citi was going to reissue new cards to me. The reason is that “some vendor” that I do business with had a large number of credit card numbers stolen. I tried to press them to reveal the name of that vendor, but they wouldn’t because that vendor is preparing to announce it in the near future. Unlike a software exploit, telling people that their card was compromised immediately doesn’t seem to me to be a problem, but it could be a public relations nightmare that might be softened with a line like “we have proactively contacted all of the affected banks” etc. etc.

I’m going to make a prediction that Amazon.com, one of my favorite online vendors, is the culprit. This is the only vendor where I have used both my personal and business cards. Note that with the business, only my card was cancelled, no one else in the company needed new cards since I am the one who buys gear from Amazon.

So, anyone else having there cards torn up and reissued? If so, do you use Amazon? Any other guesses?

I hope I am wrong, but if it does turn out to be that the Internet’s largest retailer got hacked, do you think vendors will start to think seriously about security for a change?

4 thoughts on “Major Security Breach?

  1. *ck. Amazon is like one of two companies I _do_ buy things from via the internet.
    Let’s hope it was one of the other companies you regularly deal with.

  2. I had the same thing happen to me. When I called my bank they told me that this was in response to that largest wireless credit card ring captured in August. I was told that my bank was taking no chances and re-issuing any credit card that was in the same range of some of the ones that were stolen. Here are some of the stores that were hacked…

    BJ’s Wholesale Club, TJX and DSW Shoe Warehouse, OfficeMax, Barnes & Noble, Boston Market, Sports Authority and Forever 21.

    Here is a link.

    http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9111670

  3. We got messages left on our answering machine from citi and our bank regarding suspicious activity…checked and there were fraudulent charges on 3 cards. All 3 had been used at amazon.com and stored in their database. That’s the only connection between the 3 cards, so I suspect amazon has been hacked…. too bad, I use them alot.

  4. Yeah, I think this is new and not the incident that John reported, since I don’t shop at any of those stores. I do shop at Amazon with both my personal and business credit cards. Also, Amazon is the only store I had given my personal card to on-line, as Citi allows me to make “virtual” cards for on-line purchases. So the evidence is:

    1) Amazon is the only store to have my personal card.
    2) Amazon also had my business card.
    3) No one else in the company used their business card on Amazon, and their cards were not revoked.
    4) Only Amazon has the clout to pull something like this off – I’ve had one other vendor contact me about being hacked and all I got was a letter warning me about it.

    If I knew how to Digg something, perhaps others could add to the discussion. (grin)

Comments are closed.