LISTSERV - RECMGMT-L Archives - LISTSERV.IGGURU.US

RECMGMT-L Archives

Records Management

RECMGMT-L@LISTSERV.IGGURU.US

	LISTSERV Archives
	RECMGMT-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: RIMdrop: Millions of Californians lost data in the past year
From:	Larry Medina <[log in to unmask]>
Reply To:	Records Management Program <[log in to unmask]>
Date:	Tue, 2 Jul 2013 10:36:52 -0700
Content-Type:	text/plain
Parts/Attachments:	text/plain (63 lines)

On Tue, Jul 2, 2013 at 10:02 AM, Roach, Bill <[log in to unmask]> wrote:

> >> This was pretty startling though, since Jan 2012 (18 months), 31
> breaches have occurred related to this firm IN CA ALONE... American Express
> Travel Related Services Company, Inc and /or its Affiliates ("AXP")<<
>
> I think this is a slight misinterpretation.  Data breach reporting is not
> based on location of the breach but on the number of CA residents
> potentially included in the breach.  The reporting standard is 500 or more
> residents.
>

Agree with this part... any breach of more than 500 CA residents requires a
notification.

> If you review the provided consumer notification, most of the breaches are
> of merchants who accept AX credit cards, including an engineering firm from
> CO, clothing retailer from PA and a brew pub in Concord, CA.   I believe
> that AX is reporting the breach because the merchants have no means to
> determine the residency of the card holders.
>

Don't agree with this...  here's one of the "sample letters"  from one of
the notifications:

http://oag.ca.gov/system/files/Recoverd%20Cards_AD01_Active%20%28RDCSBMMYY%29%20CM%20Letter_Final_071912_0.pdf?

This says the AMEX card itself was breached, NOT a vendor that a purchase
was made from.  I'd assume if it were vendors who were breached, AMEX would
do whatever they could to deflect attention from themselves...

Additional reports are associated with cardholder information recovered by
> law enforcement and reported to AX.  The breach in these cases is not AX or
> it would have had to been reported as such.
>
> What I find curious is the limited reporting by other credit card
> providers.
>

Agree with this too... hard to believe that others aren't getting breached.

My main point about AMEX is if **MY** name was out there with that much
frequency, I'd do whatever it takes to get off a list like that.  Doesn't
take long for Consumer Confidence to take a dip!

Larry
[log in to unmask]

-- 
*Lawrence J. Medina
Danville, CA
RIM Professional since 1972*

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]

ATOM RSS1 RSS2

LISTSERV.IGGURU.US