This incident has 0 proposed changes. Know of details that have changed? Submit them Showing Incident 288 To_xml

SUMMARY

About 100 customers' debit card information stolen from the database of an unnamed national retailer
Records 100
Record Types CCN
Breach Type Hack
Data Family Electronic
Source Outside
Organization Frost Bank
Other Organizations ?
Lawsuit? NO/UNKNOWN
Data Recovered? NO/UNKNOWN
Arrest? NO/UNKNOWN
Submitted By: Anonymous

TIMELINE

DateEvent
None. Add Data Incident Occurred
None. Add Data Incident Discovered By Organization
2006-05-19 Organization Reports Incident
None. Add Data Organization Mails Notifications
None. Add Data Records Recovered
None. Add Data Lawsuit Filed
None. Add Data Arrest Made

SIMILAR INCIDENTS

recordsdateorganizations
100 2007-04-20 Albertsons
194 2008-07-01 Houghton Mifflin Harcourt
226 2008-04-25 HSBC Holdings plc
50 2009-06-14 Custom House Coffee

MAP OF INCIDENT LOCATION

Address: USA
Have a better address for this incident? Suggest it!

suggest a new reference

REFERENCES

suggest a new attachment

ATTACHMENTS

COSTS SUMMARY

Known Actual Costs

No known costs for this incident.

Estimated Costs

Ponemon Institute Direct Costs Estimate 1 $6,000.00
  1. Note that these estimates are based on the Ponemon Institute's 2009 direct costs figures from their 2009 Annual Study: Cost of a Data Breach. We multiply $60.00 by the number of records to obtain this figure. Keep in mind that depending on the breach, the direct costs are not always suffered by the breached organizations. In the case of credit card number breaches, the direct costs can often be suffered by banks and card issuers. Also note that this is only an estimate.

COMMENTS

by d2d [Data Loss Maven] on 2009-01-12 (about 1 year ago)

We're told that Frost bank isn't the only bank involved in this. Unfortunately, we have no further details. If anyone has any additional information, please feel free to contact us.

by d2d [Data Loss Maven] on 2009-01-14 (about 1 year ago)

An anonymous commenter says: "You do not need to single out Frost Bank in this incident. It was not Frost that was hacked, but its was an unaffiliated third party. The average consumer or business person will only see the name Frost and the work "hack" and assume it was the company's system that was compromised. Action Needed: Remove "Frost" from the reference here as Frost's internal systems nor its direct providers were involved in this. If you do not remove the name then you must add the names of all of the other financial institutions who had customers in the retailer incident. See your own reference material to understand this was not a Frost issue: "The information system breach compromised credit card accounts with banks across the nation,..." If you do not know the name of the party breached then you should say "unknown"."

by jkouns [Investigator] on 2010-03-12 (4 days ago)

An anonymous commenter says: "This issue had nothing to do with FROST BANK. Please remove any reference to FROST BANK as it is creating undue concern and is erroneous and inappropriate. The incident described here was strictly related to a Master Card merchant and not FROST."

New Comment

simple_captcha.jpg
(type the code from the image)

Incidents:

Data Types:

Sectors:

Sources:

Breach Types:

Sponsored By: Credant_200x51 Tenable Pgp_logo Zecurion
Permission is granted to use this database in non-profit works and research. Use of the DataLossDB, and its exports, RSS feeds, reports, or other materials produced on this site by the Open Security Foundation for commercial interests requires authorization and licensing arrangements. For more information, please e-mail curators@datalossdb.org with a brief summary of how you would like to use this information; product, service, research, etc.
© 2005 - 2010, Open Security Foundation, All Rights Reserved.