It's happened to me a few times. It's a drag and it shouldn't happen, but you're unlikely to find a service provider who hasn't had it happen.
posted by GuyZero at 10:08 AM on October 7, 2009

It sounds like the problem is not with your credit card, but with the places you're using it. "Merchant database compromise" would mean that information was leaked from somewhere you've used your card, where the number and/or other information is on file. So even though it's a pain to have to update your automatic billing services, I'd be happy Citibank is being proactive and monitoring these situations.
posted by LolaGeek at 10:09 AM on October 7, 2009

Yes it happens a lot. At least twice to me so far.

There are a number of card companies behind the scenes that are processing and storing your credit card data , when one of these is compromised its fairly standard to do a mass re-issue of plastic.

Good example here, chances are anyone who ever shopped at TJ Maxx got a new card.
posted by Scientifik at 10:09 AM on October 7, 2009

I've had this happen twice. I suspect that banks/card issuers are being more careful now than they used to be...and I suspect there are more opportunities for numbers to be compromised...
posted by HuronBob at 10:10 AM on October 7, 2009

Yeah, this has happened to me. Aside from illustrating the numerous problems with our current ridiculous system, what troubles me in particular is that the credit card company, even when I called, would not divulge the name of the merchant which was compromised.

So I probably gave my new credit card number to the same bank of idiots again. Yay.
posted by adipocere at 10:12 AM on October 7, 2009

A bank notified me to come by and pick up a new credit card for this reason just last week. Luckily for me it was my small-change prepaid card, bought from a bank I don't keep an account with, so there was not much to worry about.

You should be both happy and irritated : Happy that your bank is taking appropriate measures, and irritated that some merchant you do business with was dumb enough to keep your card number on file and then lose it.
posted by Dr Dracator at 10:25 AM on October 7, 2009

This is happening more lately, not less in my experience. To adipocere, it's often a processor that handles loads of merchants that gets compromised, not a single merchant. So there isn't a lot practical that you could do if the bank gave you the name of the processor.
posted by kookoobirdz at 10:40 AM on October 7, 2009

I'm voting dead and increasingly common, and bet there's easily found data to prove it. It's just getting too easy to steal/abuse this stuff.

Me, last couple years: had to change a checking account because of info theft at a mortgager; had to change the same credit card twice because of mass info thefts from Marshalls and one of the big intermediary card processing companies; had to change two debit cards before I even got a chance to use them (one number lazily copied off the envelope using a pencil to scratch the number ridges, the other via letter from the bank announcing the new/old card had been stolen that arrived the same day the actual card did). Me, previous 35 years: nada.

And it'd be more than that if I hadn't passed on a couple ATMs that looked suspicious and turned out to have been skimmed. Unfortunately, I don't expect we'll see the system being fixed until it gets a lot worse.
posted by Pufferish at 11:04 AM on October 7, 2009

For what it's worth, this has happened to me, but automatically billed things (like Netflix) were sent through the new credit card number without my having to do a thing. So I don't know if it's necessary to contact them at all.
posted by Dee Xtrovert at 11:42 AM on October 7, 2009

This is tremendously annoying and I've had it happen 3 times in the last two years.

What I've done is switch all my automatic payments over to a card I use only for automatic payments, in the hopes that by never using it anywhere else, it will remain uncompromised, and thus not need me to waste a giant shitload of time on hold with my three phone companies every 6 months.

Then, my other card will get used for all the other charges that are likely to get the number ripped off but don't require me to set it up in advance.
posted by jacquilynne at 2:35 PM on October 7, 2009

Point of order "So I probably gave my new credit card number to the same bank of idiots again. Yay."

Is't not your credit card number - it's the issuing banks. Note the back of the card, it probably says it's the propery of the issuer and must be returned/destroyed upon request.

IT's certianly an inconvenience to you as a customer, and it's imporant we all keep hte pressure on the card system / banks themselves to deal with the security and liability issues, rather than force them on us. The offer a produce that we don't strictly need... and as credit cards become a liability to possess, people will stop using them.
posted by TravellingDen at 11:24 PM on October 7, 2009

Yes, it's not uncommon, and yes, you (the consumer) hear about it more these days. Regulators have encouraged banks to develop detailed customer notification strategies for what's termed in the industry as "card compromise" events. Banks have developed contact strategies based on the nature of the compromise, the breadth of it, etc, and based on which bells go off, are required to send certain types of information or take certain actions.

In a lot of cases, it's Visa/MC/Discover telling your bank that a compromise has occurred, and a lot of times even the banks aren't given detailed information about what happened, just the "threat level" so they can notify customers and take action accordingly.
posted by ersatzkat at 12:14 PM on October 8, 2009

This thread is closed to new comments.