Reports are surfacing of an apparently major security breach involving thousands of US debit card accounts, with US banks reportedly advising customers of the problem and quietly issuing new cards.
News reports suggest that, despite the re-issue of their cards, many account holders could still be liable for the first $500 of any losses on their accounts.
Apparently the hackers not only grabbed the card details, but the PINs as well, leaving the cardholders wide open to fraud.
A senior Gartner analyst, Avivah Litan, is quoted as saying the case is the worst debit card/PIN breach seen in the US to date.
Litan is quoted as saying that 200,000 to 300,000 consumers may have had new debit cards issued, and the banks are reportedly monitoring account activity for the consumers at risk.
And now the bad news. In the US, the first $150 of losses on credit cards have to be absorbed by cardholders. With debit cards, this figure rises to $500.
These losses are enshrined in US consumer credit legislation, which says they will be imposed if the customer does not notify their bank of a security breach in a timely manner.
Of course, if the cause of the breach is not known, customers are in no-mans' land when it comes to the reimbursement of losses.
A nasty situation, to say the least...