There has been a major problem in US banks with debit card information, putting many clients at risk. Six financial institutions, including Mainstreet Bank, Savers Bank, The Village Bank, Watertown Savings Bank, Webster Five Cents Savings Bank, and Eagle Bank, had their debit card security exposed as a result of a security breach on a merchant’s payment card platform.
This is an issue that is becoming more prevalent by the day, with the number of affected clients increasing with each hack. This is why the financial institutions submitted a report with the Massachusetts state government to inform the public and try to anticipate the situation.
Statements have been released, and a copy of a notice sent to Eagle Bank customers was recently posted on the government’s website explaining the reasons for the fallout.
An unnamed Mastercard merchant allowed unauthorized access to bank account information, jeopardizing user data security. The Village Bank and Savers Bank confirmed the information by sending out notes and letters to its customers, informing them of the situation.
According to the Savers statement, affected customers can read “We have been notified by MasterCard International of a suspected security breach of a merchant’s network, transactions that may have compromised some of Savers Bank’s debit card numbers.”
We have found no indication of fraudulent activity; but, to protect your account, we are reissuing all impacted cards. You will receive a new debit card on October 29, 2024.”
Officials at both the institution and Eagle have told clients that they will be automatically provided replacement debit cards, with no additional reporting or justification required to prevent the spread of fraudulent transactions to compromised cards.
Webster Five Cents Savings Bank has likewise issued mandated replacement debit cards, but appears to have provided fewer facts about the breach to its customers, ostensibly to reduce unnecessary panic at this early time. “We were recently notified that your Webster Five debit card number may have been hacked.
To prevent any unauthorized use of your card, we have given you a replacement debit card, which will arrive in the mail within 7-10 business days. It is critical to analyze your statements as soon as they arrive to identify any unexpected transactions.
If you realize that your card has been abused, please tell us immediately so that we can close it and collaborate with you to submit a dispute. You are not liable for unauthorized debit card transactions if we hear from you within 60 days of sending the first statement containing the problem or error.”
Watertown Savings Bank is taking a more conservative approach, advising customers to be cautious and only issue new cards on request. This may be a good strategy to reduce panic, but it may be counterproductive in the long run because worried individuals whose information has not been compromised may request a replacement card out of extreme caution. In their statement, they reflect.
“Your personal information, including your name and card number, was captured during the breach.”We do ask that you continue to monitor your account activity over the next 12 to 24 months and report any strange or suspicious activity promptly. If you would rather that we issue a new card, please contact the bank.”
Mainstreet provided further details, including the dates of the breach (“June 28, 2023 through April 26, 2024”) and the type of information taken by the attackers, which included personally identifiable or protected data.
They are also taking the prudent option of not automatically replacing impacted debit cards, but rather issuing replacements to individuals who request them. As they stated, “We have reason to suspect that some of our customers’ card data was hacked (which might include card names, numbers, and expiration dates) during the event.
At this time, we have no cause or evidence to suspect that an unauthorized individual obtained any personal information, such as Social Security numbers or Main Street Bank account numbers.”