Penfed Credit Card breached (again)!

Non-investing personal finance issues including insurance, credit, real estate, taxes, employment and legal issues such as trusts and wills.
Post Reply
User avatar
Topic Author
Lbill
Posts: 4997
Joined: Thu Mar 13, 2008 11:25 pm
Location: Somewhere between Up and Down

Penfed Credit Card breached (again)!

Post by Lbill »

I just received an email from PenFed alerting me that my rewards credit card has once again been breached. This happened just over a year ago and my card was replaced. I guess this is becoming an annual event.
Dear Member:

Visa Fraud Control has notified us that your Pentagon Federal Credit Union (PenFed) credit card may have been compromised in a security breach at a 3rd party company.

We ask that you review the PenFed Online account to review the credit card statements for any unauthorized transactions. Information regarding your replacement account is also available at PenFed Online at http://www.PenFed.org.

Although we have taken immediate and prompt action, please remain vigilant over the next months. Promptly report any incidents of suspected identity theft to the three credit bureaus -- Equifax, Experian or Trans Union.
"Life can only be understood backward; but it must be lived forward." ~ Søren Kierkegaard | | "You can't connect the dots looking forward; but only by looking backwards." ~ Steve Jobs
tdogz
Posts: 179
Joined: Fri Nov 11, 2011 11:28 am
Location: United States

Re: Penfed Credit Card breached (again)!

Post by tdogz »

Banks replace "compromised" cards everyday. It doesn't necessarily mean your information was even stolen. Basically, a merchant or card processor will notify Visa and MasterCard when they think their database of card numbers was breached. Visa and MasterCard then pass along those numbers to the banks that issued them. The bank that issued your card will then send you a new card with a new number just in case. We recently replaced about 10% of our customers' debit cards because of the breach at Global Payments earlier this year. However, we never had a single one of those customers report any fraud attempts as a result of the breach.
From the timing, I would say your card was involved in the Global Payments breach...
http://krebsonsecurity.com/2012/05/glob ... w-expands/
User avatar
Topic Author
Lbill
Posts: 4997
Joined: Thu Mar 13, 2008 11:25 pm
Location: Somewhere between Up and Down

Re: Penfed Credit Card breached (again)!

Post by Lbill »

tdogz wrote:Banks replace "compromised" cards everyday. It doesn't necessarily mean your information was even stolen. Basically, a merchant or card processor will notify Visa and MasterCard when they think their database of card numbers was breached. Visa and MasterCard then pass along those numbers to the banks that issued them. The bank that issued your card will then send you a new card with a new number just in case. We recently replaced about 10% of our customers' debit cards because of the breach at Global Payments earlier this year. However, we never had a single one of those customers report any fraud attempts as a result of the breach.
From the timing, I would say your card was involved in the Global Payments breach...
http://krebsonsecurity.com/2012/05/glob ... w-expands/
Thanks for the info. A google search didn't net any info about this recent breach issue. In January 2011 PenFed issued new cards because a hacker got into their system via a laptop. This is apparently a 3rd party breach. I haven't heard from any other of my credit card providers regarding a breach. I'm seriously considering putting a lock on credit reporting agencies to help prevent identity theft, since credit card breach seems to be a regular occurrence these days.
"Life can only be understood backward; but it must be lived forward." ~ Søren Kierkegaard | | "You can't connect the dots looking forward; but only by looking backwards." ~ Steve Jobs
rkhusky
Posts: 17764
Joined: Thu Aug 18, 2011 8:09 pm

Re: Penfed Credit Card breached (again)!

Post by rkhusky »

I recently received a letter about another Penfed 3rd party breach and will be issued a new card number. I found it amusing that the letter said that they could not reveal the name of the 3rd party. Do they have a non-disclosure agreement that forbids revealing incompetence of suppliers?
Post Reply