Date: Tue, 09 Sep 2014 21:36:25 -0400
From: mark <whitroth@5-cent.us>
To: undisclosed-recipients:;
Subject: [WSFA] In Wake of Confirmed Breach at Home Depot, Banks See Spike in PIN
 Debit Card Fraud
Reply-To: WSFA members <WSFAlist@KeithLynch.net>

I really was serious - if you were at Home Depot since April, talk to your banks.

Excerpt:
Home Depot was quick to assure customers and banks that no debit card PIN
data was compromised in the break-in. Nevertheless, multiple financial
institutions contacted by this publication are reporting a steep increase
over the past few days in fraudulent ATM withdrawals on customer accounts.

The card data for sale in the underground that was stolen from Home Depot
shoppers allows thieves to create counterfeit copies of debit and credit
cards that can be used to purchase merchandise in big box stores. But if
the crooks who buy stolen debit cards also are able to change the PIN on
those accounts, the fabricated debit cards can then be used to withdraw
cash from ATMs.

Experts say the thieves who are perpetrating the debit card fraud are
capitalizing on a glut of card information stolen from Home Depot
customers and being sold in cybercrime shops online. Those same crooks
also are taking advantage of weak authentication methods in the automated
phone systems that many banks use to allow customers to reset the PINs on
their cards.
--- end excerpt ---

<http://krebsonsecurity.com/2014/09/in-wake-of-confirmed-breach-at-home-depot-banks-see-spike-in-pin-debit-card-fraud/#more-27709>

        mark