History of compromises
|From 2005 to 12/31/2015
Total Accounts Compromised By Type
|Total Incidents By Type|
2015 was a mixed bag. The number of compromised accounts was way down from 2014, but still in line with the rising trend from 2006. The incidents of compromised accounts was the highest ever recorded. Even worse, the number of disclosed compromises without disclosure of the number affected may contribute to under reporting of the number affected. One thing is certain: this problem isn’t going to solve itself.
You’ve been told your card was compromised. Ever wonder what really happened? Think you can find out? Read this article from KrebsOnSecurity where noted security researcher Brian Krebs describes some common forms of fraud, their distinguishing characteristic(s) and the chances that you’ll ever learn where and how your account was compromised.
The most common form was a “hacked main street merchant, restaurant: Most often powered by malicious software installed on point-of-sale devices remotely. Distinguishing characteristic: Most common and costly source of card fraud. Losses are high because crooks can take the information and produce counterfeit cards that can be used in big box stores to buy gift cards and/or expensive goods that can be easily resold for cash. Chances of consumer learning source of fraud: Low, depending on customer card usage.”
So, if the confidential consumer credentials were never held by the merchant (not even for a moment so POS RAM scrapers have nothing to scrape), yet the merchant gets paid and the consumer gets billed, then the most common and costly source of card fraud would become profitless for crooks. Sounds like a good idea for a new concept in charge cards. Yep, it is the core of the NoCompromiseChargeCard (NC3).
Charge cards are vital to our national and global economy, which means more opportunities for everyone – including criminals. (4 page PDF)
IEEE article, see abstract Reference for 22.87 million pounds In commercial use since the mid-1950s Bisphenol A (BPA) is an organic compound found in some plastics and in the epoxy resins used some coatings of food and drinks cans. It was recently found to also exist in the paper for cash or charge card processors using thermal printing paper. See Phys.Org article Reference for containing BPA
‘QR Code’ is a registered trademark of Kabushiki Kaisha Denso (Denso Wave Incorporated) and is used with permission
There are Three Major Credit Bureaus and this Federal Deposit Insurance Company (FDIC) web site provides you information on how to contact them to ask about or obtain your credit report or credit score, alert creditors to a possible fraud using your name, or for any other reason. In early 2016 the Federal Trade Commission (FTC) launched a new consumer tool IdentityTheft.Gov
Then read this article by security researcher Brian Krebs about freezing your credit status and opting out of credit offers that can be intercepted by crooks. If you were the victim of tax fraud, read this KOS article. Also see the Identity Theft Resource Center for victim assistance, consumer information and more.