Slashdot Mirror
Credit Card Breach At P.F. Chang's
schwit1 tips a post by Brian Krebs saying that P.F. Chang's China Bistro, a nationwide restaurant chain, is the latest victim of a massive data breach. The company is currently investigating. Krebs writes:
On June 9, thousands of newly-stolen credit and debit cards went up for sale on rescator[dot]so, an underground store best known for selling tens of millions of cards stolen in the Target breach. Several banks contacted by KrebsOnSecurity said they acquired from this new batch multiple cards that were previously issued to customers, and found that all had been used at P.F. Chang's locations between the beginning of March 2014 and May 19, 2014. ... The items for sale are not cards, per se, but instead data copied from the magnetic stripe on the backs of credit cards. Armed with this information, thieves can re-encode the data onto new plastic and then use the counterfeit cards to buy high-priced items at big box stores, goods that can be quickly resold for cash (think iPads and gift cards, for example).
If it's stripe data, that implies the POS readers were compromised, just like Target. Interesting.
I use credit cards for 99% of my purchases. That way I avoid the issue of dealing with change and refilling on cash. I've never been held responsible for a fraudulent charge.
Nothing in the article says they stored these numbers. Target had their card readers compromised. It could be the same case here.
I was wondering the exact same thing. They don't like to make it known that they're the same company, so I wonder if they use the same CC processing system or not.
Do not look into laser with remaining eye.
I use cash or checks for 99% of my purchases. That way I avoid this issue. I'm also an old guy so "Get off my lawn!"
Is it a real issue or a theoretical issue? I've seen a few fraudulent charges over the years, and the bank has never given me any greif over any of them.
Your solution of carrying cash exposes you to higher risk of direct loss or theft. And you lose the card rewards program.
As for cheques -- yeah, whatever, because those aren't stupidly easy to forge; and most people won't even take them anymore.
On the upside you have a smallish boost in privacy relating to your purchases. (locations, times, and amount spent)
Seems you've traded one set of small risks for another. Not sure that amounts to a real overall improvement though.
Minimize the number of places you expose your CC numbers. Pay cash where feasible. Use debit cards ONLY at bank terminals. Be especially careful at restaurants and gas stations.
Or, if your in good standing with your bank, don't worry about it. The banks are good about fraudulent charges in the civilized world.
This. Any bank that isn't a ripoff (and assuming that you don't have the worst credit in the world) offers zero liability for fraudulent purchases. Given that checks are tedious to write and process, and cash is easy to get lost or stolen, it doesn't make a whole lot of sense to pick them over a credit card.
I probably went to PF Changs in this time period, and used my credit card there no less (I'm not quite sure whether it was in April or in May that I last went) but I'm not at all concerned about it. I've been the victim of credit card fraud before, and it's really not exactly devastating. What happens is I have to go an entire week on cash (I hate checks) until my new card arrives in the mail, and then I have to go to my ISP, tmobile, and the local water utility and update my autopay billing information. It basically amounts to a temporary inconvenience, but nothing was lost on my part. I think a bigger inconvenience would be having to manually pay all of my bills every month instead of just watching ONE credit card statement.
You fail to mention the full, tedious process for reporting fraudulent card transactions, and getting them reversed. Whenever I've had to do it (recently, almost yearly), There are records to review, paperwork to fax, etc. to confirm what charges are legit and which aren't.
It's a wash in effort between dealing with cards and checks, in my experience. Cards for online purchases, checks for paying most recurring bills (I really don't trust most enterprises to automatically draw from a debit account). That's what's convenient for me.
If you only have to change 3 accounts when a card is replaced, I'd bet you're exceptional (on the low side).
"National Security is the chief cause of national insecurity." - Celine's First Law
You fail to mention the full, tedious process for reporting fraudulent card transactions, and getting them reversed. Whenever I've had to do it (recently, almost yearly), There are records to review, paperwork to fax, etc. to confirm what charges are legit and which aren't.
With my card, in most cases, I get a call where they verify a half-dozen or so purchases. There was once where they called me to say that my card was cancelled, with a new one in the mail. I've never had to fill out any paperwork from that particular bank/card, let alone had to fax anything. The policies vary company-by-company, so something that's onerous for you may be much easier for someone else.
It is pitch black. You are likely to be eaten by a grue.
Checks are more insecure than credit cards...
Sig: I stole this sig.
"I use credit cards for 99% of my purchases. That way I avoid the issue of dealing with change and refilling on cash. I've never been held responsible for a fraudulent charge."
- OTOH, I use CASH for 90% of my purchases. Only one retailer (a major online company) knows my card number and they are unlikely to leak it. Similarly I have no revealing 'loyalty cards' for grocery & drug store purchases.
So my wallet is much thinner than yours and I have little fear of identity theft. I carry $200-$400 at all times. If it is stolen, I will be unhappy but not as much as if my identity is stolen.
I don't think it's anyone's business if I purchase adult diapers or pron or medicines or alcohol. Should I reveal that in return for 'rewards'? You will have to decide for yourself if you want to advertise your lifestyle in exquisite detail to worldwide data marketers.
...omphaloskepsis often...