Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


Dulouz

705 posts

Ultimate Geek


#272442 25-Jun-2020 08:26
Send private message

I had to get a new credit card because of a suspected data breach on a merchant network. When I asked what merchant network they refused to tell me. I assumed I had a right to know. I mean what other data may have been breached? Surely that's a reasonable request. 





Amanon

Create new topic
Handsomedan
3127 posts

Uber Geek

Trusted
Subscriber

  #2511966 25-Jun-2020 08:42
Send private message

Person you were talking to likely didn't know and was probably told not to tell you, even if they found out. 





Handsome Dan Has Spoken.
Handsome Dan is also still somewhat perplexed...


concordnz
245 posts

Master Geek

Trusted
EMT (R)

  #2511970 25-Jun-2020 08:50
Send private message

Nope, you don't have a Right to know, the details.
(Particularly as it will be under police investigation & releasing that information may compromise that.)

Yes, you have a Right to know that there HAS been a breach (which it looks like you have been told)

NO, you don't have a Right to know what actions have been taken to mitigate/fix it.
(These details could easily lead to compromises of the same network in the future)


 
 
 
 


BlueShift
1568 posts

Uber Geek


  #2511979 25-Jun-2020 09:02
Send private message

Yay! Security by obscurity!


cshwone
476 posts

Ultimate Geek


  #2511981 25-Jun-2020 09:07
Send private message

concordnz: Nope, you don't have a Right to know, the details.
(Particularly as it will be under police investigation & releasing that information may compromise that.)

Yes, you have a Right to know that there HAS been a breach (which it looks like you have been told)

NO, you don't have a Right to know what actions have been taken to mitigate/fix it.
(These details could easily lead to compromises of the same network in the future)

 

The OP wasn't asking for the details of the breach. Just what merchant is involved. I too would expect that information to be made available to at least allow me to assess if I want to continue with that particular merchant or seek alternatives.


SaltyNZ
5476 posts

Uber Geek

Trusted
Lifetime subscriber

  #2511997 25-Jun-2020 09:26
Send private message

BlueShift:

 

Yay! Security by obscurity!

 

 

 

 

Security by obscurity is a thing. Knowledge of your opponent is always the first step in attacking them. The harder you make it to gain that knowledge, the harder you make it to exploit.

 

The lesson that you should take away is not that obscurity is not security, it is that obscurity must not be your only security. A vault door needs a lock, but it's still helpful for the door to be located in a dark basement, inside a disused lavatory with a 'Beware of the Leopard' sign on the door.





iPad Pro 11" + iPhone XS + 2degrees 4tw!

 

These comments are my own and do not represent the opinions of 2degrees.


concordnz
245 posts

Master Geek

Trusted
EMT (R)

  #2512003 25-Jun-2020 09:47
Send private message

cshwone:

concordnz: Nope, you don't have a Right to know, the details.
(Particularly as it will be under police investigation & releasing that information may compromise that.)

Yes, you have a Right to know that there HAS been a breach (which it looks like you have been told)

NO, you don't have a Right to know what actions have been taken to mitigate/fix it.
(These details could easily lead to compromises of the same network in the future)


The OP wasn't asking for the details of the breach. Just what merchant is involved. I too would expect that information to be made available to at least allow me to assess if I want to continue with that particular merchant or seek alternatives.



Nope, you still don't have any 'right' to that information,
Particularly when an active police investigation is likely to be open.

(In 6-12months when investigations are complete - you may see a police announcement that 'such & such' a network was penetrated - it was investigate (culprits caught or not) & also further recommendations made and implemented. )
THAT is to appropriate time for you to be made aware of that information (not before).

Wander4821
34 posts

Geek


  #2512007 25-Jun-2020 10:00
Send private message

Ah Westpac. I got a credit card with them once, and cancelled it after a few months of them refusing to allow me to set up an online account to make card payments, and refusing to allow me to make payments in person. They don't value their credit card customers, and want them to be deep in the red.

Sounds like they are as reputable as ever...*sarcasm*

 
 
 
 


rugrat
2197 posts

Uber Geek

Lifetime subscriber

  #2512033 25-Jun-2020 10:27
Send private message

I got an email from BNZ saying my card could have been compromised, I could continue using it but only in person and all online transactions blocked.

 

 

 

To verify I tried mobile top up which declined, so rung bank and asked for new card to be sent out with all features enabled. There was no suspicious charges on my account and they wouldn’t tell me why they thought it was comprised. I was left wondering and trying to guess all recent merchants dealt with, was finger pointing in the dark.

 

Bank waived all normal charges for sending card. Though I did lose new card in last year (First time ever) and they sent new card no charges so maybe charging for replacement cards has stopped.

 

Wonder if they’ll find a better way for credit card online purchases that doesn’t divulge rarely changing numbers.


MikeAqua
6059 posts

Uber Geek


  #2512043 25-Jun-2020 10:44
Send private message

We can probably work this out.

 

A bunch of people will have been told their card may be compromised. 

 

Cross reference which merchants they have shopped at. 





Mike


Create new topic





News »

Huawei launches IdeaHub Pro in New Zealand
Posted 27-Oct-2020 16:41


Southland-based IT specialist providing virtual services worldwide
Posted 27-Oct-2020 15:55


NASA discovers water on sunlit surface of Moon
Posted 27-Oct-2020 08:30


Huawei introduces new features to Petal Search, Maps and Docs
Posted 26-Oct-2020 18:05


Nokia selected by NASA to build first ever cellular network on the Moon
Posted 21-Oct-2020 08:34


Nanoleaf enhances lighting line with launch of Triangles and Mini Triangles
Posted 17-Oct-2020 20:18


Synology unveils DS16211+
Posted 17-Oct-2020 20:12


Ingram Micro introduces FootfallCam to New Zealand channel
Posted 17-Oct-2020 20:06


Dropbox adopts Virtual First working policy
Posted 17-Oct-2020 19:47


OPPO announces Reno4 Series 5G line-up in NZ
Posted 16-Oct-2020 08:52


Microsoft Highway to a Hundred expands to Asia Pacific
Posted 14-Oct-2020 09:34


Spark turns on 5G in Auckland
Posted 14-Oct-2020 09:29


AMD Launches AMD Ryzen 5000 Series Desktop Processors
Posted 9-Oct-2020 10:13


Teletrac Navman launches integrated multi-camera solution for transport and logistics industry
Posted 8-Oct-2020 10:57


Farmside hits 10,000 RBI customers
Posted 7-Oct-2020 15:32









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.