A blank envelope arrived on Amanda’s doorstep. She almost tossed it aside, since it didn’t say “HEY! I’M IMPORTANT!” on it. She happened to feel a plastic card inside, though, so she opened it up. Inside was her new debit card. That’s good, isn’t it? Amanda doesn’t think so.
The letter from her bank said that they were issuing customers new cards as a pre-emptive measure becacuse of all of the large recent data breaches, even though Amanda’s card number hadn’t turned up in any of the stolen data sets and she hadn’t used it at any retailers that have reported data breaches (yet.)
“The kicker? I had two business days lead time to activate my new card before my current one would stop working,” Amanda wrote to Consumerist. “A little irksome, to say the least.” What if she had been on vacation or out of town, away from her mailbox but dependent on that debit card to get around?
She wrote to us in order to warn other U.S. Bank customers that a new card might be coming, if it hasn’t already. Watch out, especially if you plan to be out of town for more than a few days. “If I’d been gone for a long weekend or accidentally destroyed the new card, my current card would have been canceled and I would have no idea why!” notes Amanda.
We contacted U.S. Bank and asked why they’re automatically deactivating customers’ cards without notifying them first.
We’ll update this post if we find out. We heard back from US Bank: they say that it’s a compromise between customer safety and not leaving their customers cardless. Here’s their statement:
U.S. Bank takes customer fraud protection seriously. We recently reissued credit and debit cards where account numbers were among those compromised in mass data breaches, even if the account did not show fraud yet. This is a safety measure to protect customers from future fraud.
We balance the time we give customers to activate new cards with the need to close old cards quickly; the longer the compromised card is open, the greater risk of fraud, so sometimes the period between receiving a new card and activation is short.
We encourage customers to provide their mobile number and use our email or text alert features so they can take immediate action in the event of fraud or if there is an issue with the card they are currently using. These data security measures are standard industry practice and done in the best interest of our customers.