Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
Please note this sub-forum does not provide professional finance advice. You should seek advice from a licensed financial advisor.

To post in this sub-forum you must have made 100 posts or have Trust status or have completed our ID Verification.

If investing please consider our affiliate link for new accounts: Sharesies.



ForumsFinance and wealth managementWestpac - Suspected data breach on a merchant network
Dulouz

887 posts

Ultimate Geek
+1 received by user: 384


#272442 25-Jun-2020 08:26
Send private message

I had to get a new credit card because of a suspected data breach on a merchant network. When I asked what merchant network they refused to tell me. I assumed I had a right to know. I mean what other data may have been breached? Surely that's a reasonable request. 




Amanon

Create new topic
Handsomedan
7878 posts

Uber Geek
+1 received by user: 7582

ID Verified
Trusted
Subscriber

  #2511966 25-Jun-2020 08:42
Send private message

Person you were talking to likely didn't know and was probably told not to tell you, even if they found out. 




Handsome Dan Has Spoken.
Handsome Dan needs to stop adding three dots to every sentence...

 

Handsome Dan does not currently have a side hustle as the mascot for Yale 

 

 

 

*Gladly accepting donations...



concordnz
493 posts

Ultimate Geek
+1 received by user: 277

Trusted
EMT (R)

  #2511970 25-Jun-2020 08:50
Send private message

Nope, you don't have a Right to know, the details.
(Particularly as it will be under police investigation & releasing that information may compromise that.)

Yes, you have a Right to know that there HAS been a breach (which it looks like you have been told)

NO, you don't have a Right to know what actions have been taken to mitigate/fix it.
(These details could easily lead to compromises of the same network in the future)


BlueShift
1692 posts

Uber Geek
+1 received by user: 969


  #2511979 25-Jun-2020 09:02
Send private message

Yay! Security by obscurity!



cshwone
1101 posts

Uber Geek
+1 received by user: 854


  #2511981 25-Jun-2020 09:07
Send private message

concordnz: Nope, you don't have a Right to know, the details.
(Particularly as it will be under police investigation & releasing that information may compromise that.)

Yes, you have a Right to know that there HAS been a breach (which it looks like you have been told)

NO, you don't have a Right to know what actions have been taken to mitigate/fix it.
(These details could easily lead to compromises of the same network in the future)

 

The OP wasn't asking for the details of the breach. Just what merchant is involved. I too would expect that information to be made available to at least allow me to assess if I want to continue with that particular merchant or seek alternatives.

SaltyNZ
9064 posts

Uber Geek
+1 received by user: 10071

Trusted
2degrees
Lifetime subscriber

  #2511997 25-Jun-2020 09:26
Send private message

BlueShift:

 

Yay! Security by obscurity!

 

 

 

 

Security by obscurity is a thing. Knowledge of your opponent is always the first step in attacking them. The harder you make it to gain that knowledge, the harder you make it to exploit.

 

The lesson that you should take away is not that obscurity is not security, it is that obscurity must not be your only security. A vault door needs a lock, but it's still helpful for the door to be located in a dark basement, inside a disused lavatory with a 'Beware of the Leopard' sign on the door.




iPad Pro 11" + iPhone 15 Pro Max + 2degrees 4tw!

 

These comments are my own and do not represent the opinions of 2degrees.

concordnz
493 posts

Ultimate Geek
+1 received by user: 277

Trusted
EMT (R)

  #2512003 25-Jun-2020 09:47
Send private message

cshwone:

concordnz: Nope, you don't have a Right to know, the details.
(Particularly as it will be under police investigation & releasing that information may compromise that.)

Yes, you have a Right to know that there HAS been a breach (which it looks like you have been told)

NO, you don't have a Right to know what actions have been taken to mitigate/fix it.
(These details could easily lead to compromises of the same network in the future)


The OP wasn't asking for the details of the breach. Just what merchant is involved. I too would expect that information to be made available to at least allow me to assess if I want to continue with that particular merchant or seek alternatives.



Nope, you still don't have any 'right' to that information,
Particularly when an active police investigation is likely to be open.

(In 6-12months when investigations are complete - you may see a police announcement that 'such & such' a network was penetrated - it was investigate (culprits caught or not) & also further recommendations made and implemented. )
THAT is to appropriate time for you to be made aware of that information (not before).

 
 
 
 

Shop on-line at New World now for your groceries (affiliate link).
Wander4821
34 posts

Geek
+1 received by user: 19


  #2512007 25-Jun-2020 10:00
Send private message

Ah Westpac. I got a credit card with them once, and cancelled it after a few months of them refusing to allow me to set up an online account to make card payments, and refusing to allow me to make payments in person. They don't value their credit card customers, and want them to be deep in the red.

Sounds like they are as reputable as ever...*sarcasm*

rugrat
3148 posts

Uber Geek
+1 received by user: 950

Lifetime subscriber

  #2512033 25-Jun-2020 10:27
Send private message

I got an email from BNZ saying my card could have been compromised, I could continue using it but only in person and all online transactions blocked.

 

 

 

To verify I tried mobile top up which declined, so rung bank and asked for new card to be sent out with all features enabled. There was no suspicious charges on my account and they wouldn’t tell me why they thought it was comprised. I was left wondering and trying to guess all recent merchants dealt with, was finger pointing in the dark.

 

Bank waived all normal charges for sending card. Though I did lose new card in last year (First time ever) and they sent new card no charges so maybe charging for replacement cards has stopped.

 

Wonder if they’ll find a better way for credit card online purchases that doesn’t divulge rarely changing numbers.

MikeAqua
8203 posts

Uber Geek
+1 received by user: 3957


  #2512043 25-Jun-2020 10:44
Send private message

We can probably work this out.

 

A bunch of people will have been told their card may be compromised. 

 

Cross reference which merchants they have shopped at. 




Mike

Create new topic








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.








RSS feeds
Main feed
Forums feed
Copyright
©2002-2026 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright