Monday, November 19, 2007
The card Associations are technically only permitted to fine processors, but processors typically pass those costs on to the merchants involved in incidents leading to fines.
It is estimated the TJX breach affected at least 96 million consumers over a multiyear period during which credit card data was stolen by intruders. (For more details about how the theft was accomplished, see "Security breaches costly to all" by David Mertz in this issue of The Green Sheet.)
Fifth Third was fined $500,000 due to the seriousness of the incident and its effect on Visa. The remaining $380,000 was levied for failure to comply with the Payment Card Industry (PCI) Data Security Standard (DSS).
Visa reserved the right to escalate fines to Fifth Third, which reached $100,000 per month in April and May 2007, for what Visa Vice President Joseph Majka called "the largest data breach in the payment card industry."
The Green Sheet Inc. is now a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals. Click here for more information.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.