Your browser isn't supported
It looks like you're using an old web browser. To get the most out of the site and to ensure guides display correctly, we suggest upgrading your browser now. Download the latest:

Welcome to the MSE Forums

We're home to a fantastic community of MoneySavers but anyone can post. Please exercise caution & report spam, illegal, offensive or libellous posts/messages: click "report" or email forumteam@. Skimlinks & other affiliated links are turned on

Search
  • FIRST POST
    • HamburgerHilll
    • By HamburgerHilll 13th Sep 18, 2:03 PM
    • 23Posts
    • 27Thanks
    HamburgerHilll
    Visa security breach
    • #1
    • 13th Sep 18, 2:03 PM
    Visa security breach 13th Sep 18 at 2:03 PM
    Attempted a couple of online purchases with my Visa card today (Nationwide Select Credit Card).


    Both transactions declined. Initially when I spoke to Nationwide they said it was an issue not with them but with Verified by Visa and that I should re-try the transactions once they'd spoken to them. I had this issue earlier in the summer when trying to purchase currency before our holiday.


    I then had another purchase declined so called Nationwide again. They advised that they'd been told my card details had potentially been compromised so were going to cancel my card and issue a new one. I asked which retailer/organisation was responsible for the breach and they said they couldn't tell me for "reasons of reputational risk to the organisation concerned"


    Now call me cynical but I don't store my card details with any retailers for that self same reason (I got bitten a few years ago by a 'man in the middle' cyber scam and consider myself to be very careful about using my card online. If a company has been compromised then surely I have a right to know which organisation it is and avoid using them in the future?


    Seems a flawed policy to me and somewhat disingenuos of Nationwide to say they are "protecting my security" by issuing a new card without more information?


    Anyone else have any clue on this?
Page 1
    • Gary_Dexter
    • By Gary_Dexter 13th Sep 18, 2:56 PM
    • 2,062 Posts
    • 1,161 Thanks
    Gary_Dexter
    • #2
    • 13th Sep 18, 2:56 PM
    • #2
    • 13th Sep 18, 2:56 PM
    Contact VISA?
    • PRAISETHESUN
    • By PRAISETHESUN 13th Sep 18, 3:29 PM
    • 271 Posts
    • 109 Thanks
    PRAISETHESUN
    • #3
    • 13th Sep 18, 3:29 PM
    • #3
    • 13th Sep 18, 3:29 PM
    My money is that its a business you've used in the past that has stored your details and has now been found to have been breached - BA is a large recent example, but it could be one of countless others. It's laughable that they are "protecting your security" by withholding information from you, but what can you really do these days.

    Just be glad they are preemptively issuing you a new card so you don't have to go through the hassle when you actually have fraudulent transactions appearing on your account.
    • SnowTiger
    • By SnowTiger 13th Sep 18, 5:23 PM
    • 3,421 Posts
    • 2,380 Thanks
    SnowTiger
    • #4
    • 13th Sep 18, 5:23 PM
    • #4
    • 13th Sep 18, 5:23 PM
    ANow call me cynical but I don't store my card details with any retailers for that self same reason (I got bitten a few years ago by a 'man in the middle' cyber scam and consider myself to be very careful about using my card online. If a company has been compromised then surely I have a right to know which organisation it is and avoid using them in the future?
    Originally posted by HamburgerHilll
    That's why you're not told who the merchant is. If you did know, it may damage their business. They would lose you as a customer and you'd spread the word far and wide, leading to them potentially losing other customers. Next time a merchant suffered a data loss they may look at what happened to others who reported such incidents and decide to keep quiet.

    Nationwide may not know how or where the data hole happened. Even if they did, there's the risk they might finger the wrong hole, opening themselves up huge claims for loss of business later.

    As for using your card online - you have no idea what happens to your information after you pass it on to a merchant. For all you know they may add it to a file, zip it up and try to flog it here in the early hour of the morning.
    • Penelopa.Pitstop
    • By Penelopa.Pitstop 13th Sep 18, 11:08 PM
    • 346 Posts
    • 131 Thanks
    Penelopa.Pitstop
    • #5
    • 13th Sep 18, 11:08 PM
    • #5
    • 13th Sep 18, 11:08 PM
    I had it couple of years ago. Nationwide told me, that they don't know which company had security breach, they just got info from Visa.

    • Chino
    • By Chino 14th Sep 18, 8:51 AM
    • 508 Posts
    • 261 Thanks
    Chino
    • #6
    • 14th Sep 18, 8:51 AM
    • #6
    • 14th Sep 18, 8:51 AM
    If you did know, it may damage their business.
    Originally posted by SnowTiger
    Which is exactly what should happen. If a cardholder's details are compromised for whatever reason whilst being processed by an organisation, the name of the organisation should be disclosed to the cardholder so the cardholder can make an informed choice as to whether to continue doing business with that organisation.

    The only way to force an organisation to take the protection of cardholder data seriously is to ensure that, if it doesn't, its business will be damaged. Perhaps irreparably.
    • SnowTiger
    • By SnowTiger 14th Sep 18, 3:38 PM
    • 3,421 Posts
    • 2,380 Thanks
    SnowTiger
    • #7
    • 14th Sep 18, 3:38 PM
    • #7
    • 14th Sep 18, 3:38 PM
    Which is exactly what should happen. If a cardholder's details are compromised for whatever reason whilst being processed by an organisation, the name of the organisation should be disclosed to the cardholder so the cardholder can make an informed choice as to whether to continue doing business with that organisation.

    The only way to force an organisation to take the protection of cardholder data seriously is to ensure that, if it doesn't, its business will be damaged. Perhaps irreparably.
    Originally posted by Chino
    If organisations were punished ("irreparably") for reporting data breaches and losses they might stop reporting them to the card networks.
    • eco_warrior
    • By eco_warrior 14th Sep 18, 6:14 PM
    • 116 Posts
    • 35 Thanks
    eco_warrior
    • #8
    • 14th Sep 18, 6:14 PM
    • #8
    • 14th Sep 18, 6:14 PM
    I'm fairly sure that under GDPR merchants must disclose data breaches, which is why BA done so
Welcome to our new Forum!

Our aim is to save you money quickly and easily. We hope you like it!

Forum Team Contact us

Live Stats

3,621Posts Today

8,089Users online

Martin's Twitter
  • RT @Dora_Haf: @MartinSLewis So many people on here saying they're great until you get your PROPER job. What if Your proper job Is ON zero?

  • RT @hslt88: @MartinSLewis I?m a trustee for a youth charity. We only have a limited pool of funds for flexible youth workers for holiday sc?

  • RT @Dan_i_elle_88: @MartinSLewis Loved working zero hour agency care work. Never out of work and I loved having the flexibility! Only left?

  • Follow Martin