Visa security breach

Attempted a couple of online purchases with my Visa card today (Nationwide Select Credit Card).


Both transactions declined. Initially when I spoke to Nationwide they said it was an issue not with them but with Verified by Visa and that I should re-try the transactions once they'd spoken to them. I had this issue earlier in the summer when trying to purchase currency before our holiday.


I then had another purchase declined so called Nationwide again. They advised that they'd been told my card details had potentially been compromised so were going to cancel my card and issue a new one. I asked which retailer/organisation was responsible for the breach and they said they couldn't tell me for "reasons of reputational risk to the organisation concerned".


Now call me cynical but I don't store my card details with any retailers for that self same reason (I got bitten a few years ago by a 'man in the middle' cyber scam) and consider myself to be very careful about using my card online. If a company has been compromised then surely I have a right to know which organisation it is and avoid using them in the future?


Seems a flawed policy to me and somewhat disingenuous of Nationwide to say they are "protecting my security" by issuing a new card without more information?


Anyone else have any clue on this?

Comments

  • Contact VISA?
  • My money is that it's a business you've used in the past that has stored your details and has now been found to have been breached - BA is a large recent example, but it could be one of countless others. It's laughable that they are "protecting your security" by withholding information from you, but what can you really do these days.

    Just be glad they are preemptively issuing you a new card so you don't have to go through the hassle when you actually have fraudulent transactions appearing on your account.
  • SnowTiger
    Now call me cynical but I don't store my card details with any retailers for that self same reason (I got bitten a few years ago by a 'man in the middle' cyber scam) and consider myself to be very careful about using my card online. If a company has been compromised then surely I have a right to know which organisation it is and avoid using them in the future?

    That's why you're not told who the merchant is. If you did know, it may damage their business. They would lose you as a customer and you'd spread the word far and wide, leading to them potentially losing other customers. Next time a merchant suffered a data loss they may look at what happened to others who reported such incidents and decide to keep quiet.

    Nationwide may not know how or where the data hole happened. Even if they did, there's the risk they might finger the wrong hole, opening themselves up to huge claims for loss of business later.

    As for using your card online - you have no idea what happens to your information after you pass it on to a merchant. For all you know they may add it to a file, zip it up and try to flog it here in the early hours of the morning.
  • I had it a couple of years ago. Nationwide told me that they don't know which company had the security breach, they just got info from Visa.
  • Chino
    SnowTiger wrote: »
    If you did know, it may damage their business.
    Which is exactly what should happen. If a cardholder's details are compromised for whatever reason whilst being processed by an organisation, the name of the organisation should be disclosed to the cardholder so the cardholder can make an informed choice as to whether to continue doing business with that organisation.

    The only way to force an organisation to take the protection of cardholder data seriously is to ensure that, if it doesn't, its business will be damaged. Perhaps irreparably.
  • SnowTiger
    Chino wrote: »
    Which is exactly what should happen. If a cardholder's details are compromised for whatever reason whilst being processed by an organisation, the name of the organisation should be disclosed to the cardholder so the cardholder can make an informed choice as to whether to continue doing business with that organisation.

    The only way to force an organisation to take the protection of cardholder data seriously is to ensure that, if it doesn't, its business will be damaged. Perhaps irreparably.

    If organisations were punished ("irreparably") for reporting data breaches and losses they might stop reporting them to the card networks.
  • I'm fairly sure that under GDPR merchants must disclose data breaches, which is why BA did so.
This discussion has been closed.