I just closed my MasterCard account after it was used fraudulently — for the second time in less than a month.
This isn’t the first time a card of mine has been compromised but it is the first time it’s happened twice in a row. Even weirder, we
have never used only used the new replacement card that MasterCard sent us one time at a 76 gas station. And finally, this compromised card was an EMV chip card, supposedly more secure.
MasterCard’s fraud detection seems to have worked well. Out of the 51 million transactions MasterCard handles every day, it flagged a $642 purchase at Nordstrom’s that some criminal made with my card on Dec. 23 in San Diego. The MasterCard agent told me that the purchase was refused at the store and I was notified before I even knew a problem existed.
It’s not clear how my information was obtained in the Dec. 23 incident but MasterCard notes in its SEC filing that data breaches “typically involve external agents hacking the merchants’ or third-party processors’ systems and installing malware to compromise the confidentiality and integrity of those systems.”
That’s happened before with my American Express card and others. But then came the dealbreaker. After MasterCard sent me a new replacement card with a new number — it flagged a $99 purchase today at a gas station in Los Angeles. (Update: The folks who have my card tried to use it again yesterday at a gas station in San Francisco). Again, the fraud detection system worked, but there’s something more troubling afoot.
How was the information on my new replacement compromised so quickly?
This time there was no hacking; the number had never been used. Tracing this backwards, the breach like occurred at the 76 gas station. Or someone penetrated the computer of MasterCard, Citibank or the third-party processing systems.
But who knows? Maybe the postman has sticky fingers. Or maybe, since my card has a chip that can be read at a distance using RFID, could someone have obtained my information that way? It’s theoretically possible, but not likely.
So who pays? Not me. By law, if my credit card number was stolen, but not the card, I’m not liable for unauthorized use. Someone is paying, though, and it’s either the merchant that processed the card, the third-party that processed it or the bank that issued it, in my case Citibank.
It’s been nearly fours years since my last post.
I’m going to give blogging a try again, this time as a personal finance blog.
We’ll see what happens.
What Facebook knows about you everytime you visit:
- Your IP address
- Your location via GPS
- The type of browser you use
- The webpages you visit
- When and where you took the photos or videos you post
Anyone, including people off of Facebook, can see the following information about you:
- Profile photo
- Your network
- Your username
With your username, someone can find out:
- Your age range
- Your location
- Your gender
It is utterly impossible, as this country has demonstrated again and again, for the rich to save as much as they have been trying to save, and save anything that is worth saving. They can save idle factories and useless railroad coaches; they can save empty office buildings and closed banks; they can save paper evidences of foreign loans; but as a class they can not save anything that is worth saving, above and beyond the amount that is made profitable by the increase of consumer buying. It is for the interests of the well to do – to protect them from the results of their own folly – that we should take from them a sufficient amount of their surplus to enable consumers to consume and business to operate at a profit. This is not “soaking the rich”; it is saving the rich. Incidentally, it is the only way to assure them the serenity and security which they do not have at the present moment
– 1933 Senate testimony of Mariner Eccles, later first chairman of Federal Reserve.
via the excellent London Banker