Online security laws
30 May 2006, 06:20 PM
#1
Scooby Regular
Thread Starter
iTrader: (1)
Join Date: Feb 2001
Posts: 1,204
Likes: 0
Received 0 Likes
on
0 Posts
Online security laws
Does anyone know what the law is in the UK if an online trading company becomes aware that credit/debit card information they hold on computer systems becomes compromised? Specifically, is there any legal requirement to notify the individuals or banks concerned (as I believe there is in the US)?
The reason I ask is because my bank debit card was refused at the weekend and I received a letter asking me to contact my bank's Financial Crime Operations group. They told me that my debit card number had turned up on a list of stolen details, and they have had to cancel the card and reissue me with a new one. Luckily no money has gone missing from the account.
I managed to get the name of the internet retailer the information had come from out of them, and phoned them today. They initially denied they had had a problem then came clean about their site being hacked. The stunner was that it happened at the beginning of the year and while they had closed the security loophole in their system (so they claimed) they could not tell whose details had been compromised and so decided not to inform any customers or banks.
Suffice to say I am pretty p***ed off, especially since the card is linked to my main bank account and on-line saving accont, so they could have cleaned me out completely.
The reason I ask is because my bank debit card was refused at the weekend and I received a letter asking me to contact my bank's Financial Crime Operations group. They told me that my debit card number had turned up on a list of stolen details, and they have had to cancel the card and reissue me with a new one. Luckily no money has gone missing from the account.
I managed to get the name of the internet retailer the information had come from out of them, and phoned them today. They initially denied they had had a problem then came clean about their site being hacked. The stunner was that it happened at the beginning of the year and while they had closed the security loophole in their system (so they claimed) they could not tell whose details had been compromised and so decided not to inform any customers or banks.
Suffice to say I am pretty p***ed off, especially since the card is linked to my main bank account and on-line saving accont, so they could have cleaned me out completely.
30 May 2006, 09:03 PM
#2
Scooby Regular
Join Date: May 2000
Location: MY00,MY01,RX-8, Alfa 147 & Focus ST :-)
Posts: 10,371
Likes: 0
Received 0 Likes
on
0 Posts
No - there isn't a law that forces companies to make a disclosure of this type in the UK. The new Companies Act that is currently going through the House of Lords will place a lot of importance on compliance, financial integrity, transparent systems and controls to ensure that systems are secure - which may protect you in the future. It still, to my knowledge, doesn't enforce any form of disclouse on companies though
31 May 2006, 08:31 PM
#3
Scooby Regular
Thread Starter
iTrader: (1)
Join Date: Feb 2001
Posts: 1,204
Likes: 0
Received 0 Likes
on
0 Posts
I followed this up today and cheered me up no end. It turns out Visa have taken it upon themselves to contact the banks about every credit/debit card in the company's customer list - without the company knowing it was happening.
So not only will all of their customers be p***ed off about having their card cancelled, they will probably all be as p***ed off as I am that the company tried to sweep the problem under the carpet. I look forward to seeing them go bust shortly!
I certainly won't use my debit card to buy anything online again - credit cards from now on.
So not only will all of their customers be p***ed off about having their card cancelled, they will probably all be as p***ed off as I am that the company tried to sweep the problem under the carpet. I look forward to seeing them go bust shortly!
I certainly won't use my debit card to buy anything online again - credit cards from now on.
Thread
Thread Starter
Forum
Replies
Last Post
The Joshua Tree
Computer & Technology Related
30
28 September 2015 02:43 PM