Did you ever think you would have to worry about your data while visiting the grocery store? Less than 3 months ago, I was one of the victims of the Hannaford data breach where my credit card number was stolen and fraudulently used. This is kind of ironic. I talk about the digital identities and keeping your data safe. I never thought I would end up on the receiving end of this. Discover card has an excellent fraud department, imo, and immediately of detecting fraudulent use, contacted me. I was issued a new card and it was sent overnight. On Saturday, while in Chicago for php|tek, I received another message from Discover card about fraudulent use. It really sucks when this happens while traveling because the card gets shut-off. I was leaving on Sunday morning, so an overnight delivery wouldn't even reach me. Anyways, I got things settled and was able to check out of the hotel - even paying my bill .
I was told by family that there happened to be fraudulent activities, starting only days earlier, in New Hampshire, again resulting from Hannaford. Finally getting home, I looked into this further. I read in an article that TD Banknorth is issuing new cards to its NH customers as the problem is most likely due to the Hannaford security breach. Now, since the breach, I received a new credit card, so I have a new number. In the past month, I have gone and shopped at Hannaford in New Hampshire. If the fraud stems from Hannaford, then there is no possibility that this is due to the original security breach. I find it too coincidental that my number is compromised within days of the fraudulent activity beginning in NH, where I do occasionally shop. Did Hannaford really fix the problem, is there a new breach no one is talking about, or is this just becoming so widespread that I might as well start using cash.
I have no problems shopping online. Most banks provide tools to generate one time use credit card numbers. I could care less if this number got compromised. Why cant the industry get a clue. When will we have smart credit cards that have no number. Swipe the card, the secure channel gets setup between you and the bank, a one time number generate and the number then passed to the merchants clearing house. This scenario is a classic example I use when talking about Information cards. Although I have envisioned it more used within a browser for on-line shopping, the same flow would also work for a physical card. Industry and governments are pushing hard for all transactions to be conducted electronically - bottom line its cheaper for them. Until they can guarantee my security I am seriously thinking about going back to the cash and carry method. Not even checks are safe because they go and store your account and routing numbers. I think I might be able to get away with just one or two cards for those few on-line purchases I make, with only the few merchants I do trust. Oh yea, and so I can check in and out of my hotels without problems.