# Chase Mastercard Security Breach



## PRR 60 (Apr 4, 2011)

A security breach at Epsilon - a contract e-mail company - has resulting in the names and e-mail addresses of the customers of numerous companies being stolen by an unknown party. Among the companies affected is Chase. According to press reports, only names and e-mails are involved. No other information such as account numbers was compromised.

AGR Credit Card holders should be extra vigilant with any e-mails said to be from Chase. Never respond directly to e-mails with personal information. Never use links in the e-mails to contact Chase websites.

The notice from Chase is HERE.


----------



## Trogdor (Apr 4, 2011)

I think I've received three e-mails from various companies (one was Chase, one was Best Buy, can't remember the third) telling me they use Epsilon and that my e-mail address may have been leaked.

So, this isn't limited to just Chase. Nonetheless, the same rules of internet common sense apply. Be careful who you give your info to. Be leery of any e-mail you receive.


----------



## Devil's Advocate (Apr 4, 2011)

Trogdor said:


> Be careful who you give your info to.


Exactly. Don't give it to Chase or Bank of America or Wells Fargo in the first place and you'll be fine.


----------



## PRR 60 (Apr 4, 2011)

daxomni said:


> Trogdor said:
> 
> 
> > Be careful who you give your info to.
> ...


Or Amtrak?


----------



## NE933 (Apr 4, 2011)

daxomni said:


> Trogdor said:
> 
> 
> > Be careful who you give your info to.
> ...


LOL!! I was almost rolling on the floor with that one!

BTw, I believe the other company was Walgreens; yesterday's TV news had mentioned about them.


----------



## Devil's Advocate (Apr 4, 2011)

PRR 60 said:


> daxomni said:
> 
> 
> > Trogdor said:
> ...


Cash-back cards from hometown banks can also help fund Amtrak travel. You can relax knowing that your home-town bank is a much smaller target for hacking and isn't so large that it can ignore fines for lapses in security or other misuse of personal data like the mega-banks can. Nor are they large enough to bully our federal government into bailing them out whenever they decide to bet the farm on a fools wager. Even though we don't think about it much it's a relatively new situation for millions of Americans to do business with the same bank and for that bank to have gained enough size and power to brush off even our largest fines and push the federal government around. Maybe it's time to return our focus to doing business with people we actually know in our own communities?


----------



## Ryan (Apr 4, 2011)

I got one from TiVo and Best Buy, so it sounds like this is pretty widespread.

Good on the companies involved for being proactive and notifying customers, rather than just hope nobody notices.

I'm not too bent out of shape, with a little bit of common sense and some decent spam filters, this is a complete nonissue.


----------



## the_traveler (Apr 4, 2011)

daxomni said:


> PRR 60 said:
> 
> 
> > daxomni said:
> ...


That is true, *BUT* when you make an online reservation with Amtrak, don't you also have to sign in with personal information also?




(Like your user name - email address - and password?



)And even if you don't - or even if you call an agent - don't you have to give your credit card number?





So what's the difference between giving that information to Chase, BOA, Wells Fargo, Amtrak or Hometown Credit Union?



Even if you have a credit card from Hometown Credit Union, what's to say somebody hacks into Amtrak's or Best Buy's or Macy's or Target's or WalMart's, etc... system and gets the *SAME* information!



(They don't need to hack into Hometown Credit Union's computer at all!)


----------



## Devil's Advocate (Apr 4, 2011)

the_traveler said:


> So what's the difference between giving that information to Chase, BOA, Wells Fargo, Amtrak or Hometown Credit Union?


The difference is that Amtrak provides a unique service that I strongly support and the hometown bank answers my calls with local folks and helps keep our city and state in the black instead of shirking their tax duty by pretending they exist in some Caribbean post office box. What unique service does Chase provide me beyond a legalized kickback scheme in the form of AGR points? Everything else Chase does can be done by any number of other banks. Like most folks these days I used to be a member of multiple mega-banks, but over time I realized that they've become far too big to be punished or even simply allowed to punish themselves through their own bad decisions. When they make a winning bet they receive all the profit. When they make a losing bet the tax payers are expected to bail them out and let them try again. Basically they're nothing anything I want to be any part of. That's not to say everyone should do as I do, but it's important to realize that every choice we make has an impact on the future, including things as seemingly simple as which banks we choose to do business with. I'd like a future where banks no longer have the size and power that allows them to write our financial laws and push us around. This particular security breech may or may not be as minimal as Chase has decided to portray it. We may never know how serious this specific breech was. But what we _do_ know is that there isn't nearly enough oversight when it comes to how banks use or misuse our information and the practical penalties for abuse are far too small to make them fix the problem. All they have to do is send us an email informing us that our information was compromised and we think they did us a favor.



the_traveler said:


> Even if you have a credit card from Hometown Credit Union, what's to say somebody hacks into Amtrak's or Best Buy's or Macy's or Target's or WalMart's, etc... system and gets the *SAME* information!


I don't normally shop at any of those places unless it's some sort of emergency situation. Even then unless I'm buying online I mainly stick to cash and when I do buy online I try to use my checking account unless I'm buying from a completely unfamiliar business, in which case I do use a credit card for legal reasons.


----------



## the_traveler (Apr 4, 2011)

daxomni said:


> when I do buy online I try to use my checking account unless I'm buying from a completely unfamiliar business, in which case I do use a credit card for legal reasons.


There you go! When you buy on line, and use a checking account, you have to provide the EVEN MORE information! Such as


Your name
Your address
Your phone number (maybe)
Your checking account number
Your bank's or credit union's routing number
etc...


----------



## Ryan (Apr 4, 2011)

Using your checking account is a horrible idea. When your information gets compromised ("when", not "if"):

Checking Account (including debit cards that can be processed as a credit card): Your account is potentially drained, meaning no money to buy food, gas, pay bills, etc. Unless you can get auto-debits turned off and don't have any outstanding checks, you're going to get hit with overdraft fees which may or may not be refunded. Bank is out no money at all, and as such is far less motivated to get things fixed than if you had used a...

Credit card: You're not out any money, since until the bill comes due it's all just numbers on a computer. The bank is far more interested in getting the issue resolved since they (not you) are the ones out the money. Your life can continue as usual, since the money in your checking account is safely tucked away and available.


----------



## Devil's Advocate (Apr 4, 2011)

the_traveler said:


> There you go! When you buy on line, and use a checking account, you have to provide the EVEN MORE information!


I typically use a Paypal account and a couple other intermediaries. Most of my personal information is not stored by the seller in such situations, or at least that is my understanding. If you only fund your Paypal or similar account with the amount you are about to spend and ensure there are no automatic debit options then there should be little risk of theft to your primary funds. Again, at least that is my understanding. The only times I know I have been a target of theft it has always been through my credit cards. When online retailers and services lose my data or grow too big to be punished when they screw up I also stop buying from them as well. Simple answers for simple problems. Now how about addressing the rest of my post instead of selective ignoring it? :lol:


----------



## the_traveler (Apr 4, 2011)

I refuse to get into a discussion anymore about which is better or worse. But I'll just say one thing more.

Using cash is not as safe as you think either. If you're unfortunate and receive a counterfeit $20 or $50 as change, and then use it at some other store and they determine it is counterfeit, the store or Secret Service will not give that bill back to you or a real $20 or $50! You will be out that money (thru no fault of your own) - and still owe the store the full amount!

Let's agree to disagree. We both are entitled to our own opinions.


----------



## AlanB (Apr 6, 2011)

Ryan said:


> I got one from TiVo and Best Buy, so it sounds like this is pretty widespread.


It is widespread. I've gotten emails from Chase, Best Buy, Hilton Honors, Marriott, and Verizon so far.


----------

