ScoobyNet.com - Subaru Enthusiast Forum

ScoobyNet.com - Subaru Enthusiast Forum (https://www.scoobynet.com/)
-   Non Scooby Related (https://www.scoobynet.com/non-scooby-related-4/)
-   -   Online security laws (https://www.scoobynet.com/non-scooby-related-4/519365-online-security-laws.html)

scud8 30 May 2006 06:20 PM
Online security laws
 
Does anyone know what the law is in the UK if an online trading company becomes aware that credit/debit card information they hold on computer systems becomes compromised? Specifically, is there any legal requirement to notify the individuals or banks concerned (as I believe there is in the US)?

The reason I ask is because my bank debit card was refused at the weekend and I received a letter asking me to contact my bank's Financial Crime Operations group. They told me that my debit card number had turned up on a list of stolen details, and they have had to cancel the card and reissue me with a new one. Luckily no money has gone missing from the account.

I managed to get the name of the internet retailer the information had come from out of them, and phoned them today. They initially denied they had had a problem then came clean about their site being hacked. The stunner was that it happened at the beginning of the year and while they had closed the security loophole in their system (so they claimed) they could not tell whose details had been compromised and so decided not to inform any customers or banks.

Suffice to say I am pretty p***ed off, especially since the card is linked to my main bank account and on-line saving accont, so they could have cleaned me out completely.

Chris L 30 May 2006 09:03 PM
No - there isn't a law that forces companies to make a disclosure of this type in the UK. The new Companies Act that is currently going through the House of Lords will place a lot of importance on compliance, financial integrity, transparent systems and controls to ensure that systems are secure - which may protect you in the future. It still, to my knowledge, doesn't enforce any form of disclouse on companies though

scud8 31 May 2006 08:31 PM
I followed this up today and cheered me up no end. It turns out Visa have taken it upon themselves to contact the banks about every credit/debit card in the company's customer list - without the company knowing it was happening.

So not only will all of their customers be p***ed off about having their card cancelled, they will probably all be as p***ed off as I am that the company tried to sweep the problem under the carpet. I look forward to seeing them go bust shortly!

I certainly won't use my debit card to buy anything online again - credit cards from now on.


All times are GMT +1. The time now is 05:49 AM.


© 2024 MH Sub I, LLC dba Internet Brands