I had to get a new credit card because of a suspected data breach on a merchant network. When I asked what merchant network they refused to tell me. I assumed I had a right to know. I mean what other data may have been breached? Surely that's a reasonable request.