“Millions” Of Visa & MasterCard Accounts Breached?

Reader S. got a call this morning from Citibank. They said her card had been compromised and she needed a new card. When she asked for details, Citibank could only say that an unspecified business had their system compromised, affecting “millions” of Visa and MasterCards

This is the first we’ve heard of it. Anyone else receive a similar call recently? If you do receive a fraud alert call, ask questions and see if it’s related to this mystery businesses’ lax security procedures. The goal being to find out what business this is. — BEN POPKEN


Edit Your Comment

  1. MeOhMy says:

    I got one 2-3 months ago. They would not tell me the culprit.

  2. d0x says:

    Why cant someone compromise my visa and mastercard so i can blame all the charges on them? I have no luck!

  3. AlteredBeast (blaming the OP one article at a time.) says:

    Not very slick customer service to say that this hit “millions” of customers.

    “Oh, don’t worry,you aren’t the only one who’s security was compromised. It happened to millions of others. No big deal, happens all the time.”

  4. This sounds like vishing to me (I hate that word).

  5. drrew says:

    In the State of Washington, if a system is breached is the company is legally required to notify the affected cardholders. The actual company, not just the card issuer.

    Citibank is charging that breached company to replace your card and making a tidy little profit on the transaction.

  6. synergy says:

    I agree on the vishing. It was the first thing I thought of. On the other hand, if it’s true yeah that’s GREAT Customer Service. lol

    Off-topic: am I the only one seeing the comments all wonky. Is Consumerist playing with the look of the joint?

  7. synergy says:

    I agree that it sounds like vishing at first glance. To admit it effects millions is poor customer service.

    Ok I think Consumerist IS messing with the look of the joint.

    Sorry if this is a repeat.

  8. nweaver says:

    Big breaches DO happen all the time.

    Some little resteraunt’s POS terminal is broken and all customer EVER served have their credit card # breached.

  9. Magister says:

    What is vishing vs phishing?

  10. kimmie says:


    ut now, the criminal element has shifted from asking people to click on links to placing a phone call instead. Only the number isn’t to a bank or credit card, it’s to a VoIP phone that can recognize telephone keystrokes.

    The thieves don’t even use an e-mail blast, they use a war dial over a VoIP system to blanket an area. A recorded message tells the person receiving the call that their credit card has been breached and to “call the following (regional) phone number immediately.”

  11. sbs says:

    I’m the reader who wrote in about this issue.

    To clarify, I didn’t give my details to the person who called (they left a voicemail for me). I called the number on the back of my credit card and spoke with the customer service folks that way. I wasn’t “vished” – I called them to verify the details.

    Still no clue what company it is that had this security breach, and it’s really frustrating!

  12. LTS! says:

    Well, I would get a new credit card company if they can’t disclose the details. Obviously your information is not safe.

    I wonder why people doesn’t use virtual numbers more often, it does make things a bit better, doesn’t it?

  13. aultl says:

    I am in TN and I got a letter from my bank and a new visa debit card around Dec 15, 2006 stating that my existing card would be terminated on Jan, 1 2007 due to a percieved breach at a merchant location.

    I called and asked why my wife did not recieve a new card as well (joint acct) and they said only my card was possible breached and would give me no other details.

  14. iheartjoo says:

    I got this call. Called Citi and received the same info. They wouldn’t tell me who the business was.

  15. sbs says:

    I use virtual account numbers whenever I shop online, which leads me to believe this was a place I personally visited – grocery store, gas station, etc? Still no clue who the business is, and I’m surprised if this is “millions” affected why no news outlet has picked up the details.

  16. orielbean says:

    To those who got the call – You should all post your bills w/ the list of businesses on them (redact or cross out all the other details, obviously) to see if you all have a vendor in common…a little comparison should outline who the culprit business was…

  17. uppity1 says:

    I am in TN too – did not receive a call but noticed fraudulent charges on my bill starting at the end of 10/06.

  18. rschwarz_jr says:

    I just had a fraudulent charge and had to get new cards yesterday. They didn’t mention anything about a breach in security but we can’t figure out how it happened.