Last Sunday’s 60 minutes had a report by Lesley Stahl about the now-infamous TJX data breach.
The most interesting conversation was between Stahl and a representative from the National Retail Federation, who placed the blame for lax store security on the credit card companies:
“Is there growing tension between the two sides now?” Stahl asks Dave Hogan, who handles computer technology at the National Retail Federation.
“Lesley, absolutely, there’s growing tension between the two sides,” he replies.
Hogan says credit card companies should change how they do business. “If we could just force Visa and MasterCard to not require retailers to store credit card data, this issue would disappear overnight,” he argues.
Hogan says card companies force retailers to store customer data in case there are charge disputes. He thinks the card companies should hold the data, not the stores.
“Honestly, we can eliminate this problem within a few days,” Hogan says.
“If it’s that easy, why hasn’t it been done?” Stahl asks.
“I’m not too sure how vested the credit companies are as far as securing customers’ data,” Hogan says.
“And you’re saying that the credit card companies are the one’s who are not security conscious?” Stahl asks.
“In my humble opinion, no,” Hogan replies.
He accuses the card companies of using this issue as a way to make money. Visa, for example, has started fining large chains that do not have up-to-date security $25,000 a month.
“If you do the math on it, this could be a windfall of $200 million annually for the credit card companies as far as a revenue stream,” Hogan says.
Visa chose not to respond.
The report also had some interesting emails from inside TJX, proving that they did, in fact, know that their wireless encryption was out-of-date and easy to crack. If you’re the paranoid-about-credit-type you might want to avoid watching this report. Those who enjoy watching Lesley Stahl learn about WEP and WPA while driving around in a van with a lovable nerd should head on over. She’s so cute!
Hi-Tech Heist [60 Minutes]