In a report remarkable for what it doesn’t say, WLBT TV of Jackson, MS reports:
A possible security breach has one bank giving customers new debit cards. BancorpSouth is sending out new cards to about 6500 customers.
The vice president of the banks security department says account numbers were either lost or they were somehow hacked into.
From The Northeast Mississipi Daily Journal comes word that an unnamed merchant, not the issuing bank itself, was breached:
The Daily Journal reported Friday that BancorpSouth had notified about 6,500 customers in recent days that their MasterMoney debit cards “may have been compromised.” The bank is sending the customers new cards.
BancorpSouth officials noted late Friday in a release that their bank was not the only one with the problem. The release said “other banks across the country are facing a situation in which a small percentage of customers’ debit cards and credit cards have been compromised.”
Account numbers were either lost or hacked into, said Cathy Talbot, president of BancorpSouth’s security department. “It wasn’t BancorpSouth, but with a merchant,” she said in the story in Friday’s Daily Journal.
The merchant wasn’t identified by MasterCard International.
So, MasterCard knows who got 0wned, but they won’t say, leaving an issuer to assume the worst. Sounds similar to something we noted earlier. Meanwhile, the cardholders are already being phished.
Update 01/03/2006: The 12/30/2005 American Banker reports that, according to Visa, the merchant affected by this breach is not Sam’s Club.