, SecurityFocus 2006-03-31
Story continued from Page 1
In early March, Visa and Mastercard warned banks of the most recent incident--a breach of an ATM network, according to financial industry insiders. Sources have said that data indicates the total number of accounts involved in the breach could number in the millions. Representatives at Visa and Mastercard International have not commented on the issue. However, Citibank released a statement confirming the ATM network breach, but not naming the company responsible for the network.
The latest Operation Rolling Stone arrests took place in five states and the District of Columbia on Tuesday. The names of the suspects are currently being withheld, because the investigation is ongoing, the U.S. Secret Service's Cherry said.
The federal and international operation is not linked to the arrests of more than a dozen people in New York and New Jersey that allegedly conspired on credit- and debit-card fraud, said Edward DeFazio, the prosecutor for Hudson County, New Jersey.
"We had gotten the Secret Service involved in our case--they were the ones who were going to follow up with the international connections," DeFazio said.
While the arrests are a good sign, legislators need to respond the the debit-card data breaches with stronger consumer protections, because ATM debit cards have not historically had as strong defenses in place for account holders as credit cards, Chris Hoofnagle, the director and senior counsel for the Electronic Privacy Information Center's West Coast bureau.
"It has always been assumed that the ATM is more secure because of the PINs, but debit cards are being used everywhere so the PINs are everywhere," Hoofnagle said.
Moreover, the companies that are the source of the breaches should acknowledge the incidents and take responsibility, he said.
"The problem with the ATM breaches is that notice is even more important in these cases," he said.