IMGCAP(1)]
The Massachusetts Bankers Association is asking Visa Inc. and MasterCard Worldwide to provide more information on large data compromises so banks can better serve their customers. The Boston Globe reported last week that 17 Massachusetts banks have reissued credit and debit cards in the aftermath of the Heartland Payment Systems Inc. data breach. Heartland announced in January that hackers breached its network last year and captured the credit and debit card numbers and expiration dates of an undisclosed number of cards (CardLine, 1/20). Each of the 17 Massachusetts banks reported that the breach affected more than 1,000 customers. "If they notified us right away, it would be much easier for the bank to do their investigations and try to figure out who is at fault and to protect customers better," Bruce Spitzer, a spokesperson for the association, tells CardLine. A debit card task force consisting of executives from the state's banks wants the card networks to change their rules regarding data-breach information, Spitzer says. He contends banks can better address customers' concerns about data breaches if more information is available from the card networks. "Customers in the past have blamed the banks, which is misplaced," Spitzer says. "It's the banks that are trying to protect them." Rockland, Mass.-based Rockland Trust Co. reported to the state's attorney general that it was forced to reissue almost 19,000 debit MasterCards and 64 Visa cards during the past few months. Rockland did not respond to requests for comment by deadline. According to a filing with the state's attorney general's office, Rockland described how thieves used software to collected unencrypted card data as Heartland was authorizing transactions in its system. A new state law requires financial institutions to alert the attorney general's office of security breaches, Spitzer says.
