Extra, Extra, Read All About These 240,000 Credit Card Numbers

from the there's-a-hole-in-the-bucket dept

We wondered yesterday just how clueless newspaper owners really were, and two Massachusetts papers are doing their best to say "quite clueless indeed". It's got nothing to do with Google News, but the Boston Globe and the Worcester Telegram & Gazette -- both owned by The New York Times -- exposed the credit card data of up to 240,000 subscribers. What's so stunning here isn't the mere leak of the data, since that's becoming so common, but rather how it was leaked. The Worcester paper prints its delivery routing slips on internally recycled paper -- the paper it used last weekend happened to be some sort of internal reports with all the credit card numbers on them. The paper now says it's taken "immediate steps" to increase security, and it's set up a hotline for subscribers to call and see if their credit card data was compromised. Why is the burden on their subscribers? Shouldn't the papers be proactively letting people know their card numbers could be circulating? It's continually amazing how so many of these data leaks aren't the results of anything active, like hackers, but rather just products of sheer stupidity.

Reader Comments (rss)

(Flattened / Threaded)

  1. icon
    Rick Gutleber (profile), Feb 1st, 2006 @ 10:50am

    Just like Microsoft...

    Never attribute to malice what can adequately be explained by stupidity.

    The Apocalypse will be started by some low-level person doing something really dumb.

    reply to this | link to this | view in thread ]

  2. identicon
    Anonymous Coward, Feb 1st, 2006 @ 10:55am

    i am amazed

    I work for a credit card company and these stories constantly amaze me. This info should never have been printed in the first place.
    Also, cardholder data should be encrypted in the database, never in plain text. The database servers should be behind several lines of defense.
    Cardholder data should never be printed on paper. All internal communications regarding accounts should be done using information other than the card number such as a serial number in the database relating to the account. Printed or electronic information should never leave the company premises.
    It makes me afraid to use my credit card to think that anywhere I use it may store my info in plain text on unsecure servers.

    reply to this | link to this | view in thread ]

  3. identicon
    Anonymous Coward, Feb 1st, 2006 @ 10:57am

    Re: i am amazed

    I want to know why in the hell all this info was printed in the first place.

    reply to this | link to this | view in thread ]

  4. identicon
    Denny, Feb 1st, 2006 @ 10:59am


    I need help, I am trying to set the time correctly on this new microwave I purchased, its made by "Military" model is "Nuclear missle." But for some reason the clock wont let me set the right time! It started at 2:00 and now its down to 0:12, does anyone know how to set the time correctly? (hah)

    reply to this | link to this | view in thread ]

  5. identicon
    A Funny Guy / The Poison Pen, Feb 1st, 2006 @ 11:11am

    Re: i am amazed

    Now you I won't be gentle on....

    You freaking idiot who is scared to use your credit card cause someone might steal it.....

    so what..... who cares....... your not gonna have to pay anything..........

    if it appens enough to hurt the industry they will close their problamatic loopholes and security leaks.....

    I for one won't worry about it in the least..... its their problem and they will pay for it.... not me....

    The Poison Pen

    reply to this | link to this | view in thread ]

  6. identicon
    Anonymous Coward, Feb 1st, 2006 @ 11:38am

    Re: i am amazed

    Technically you are correct in that the credit card company is liable for the money. However, it can be quite a hassle as you spend hours on the phone with customer service getting it resolved. These things often takes days and even months before they are resolved. In some cases, it does not get resolved and people actually end up paying off debts for stolen card info.

    FYI, I still do use my credit cards. I was just saying that I think it is pretty lame that a store you shop at may store your info in plain text. I think they should store it encrypted or not at all.

    reply to this | link to this | view in thread ]

  7. identicon
    Clown Smash, Feb 1st, 2006 @ 12:14pm

    Re: Poison Pen

    if it (h)appens enough to hurt... blah blah blah...
    It won't cost me anything??
    Is your time not valuable to you?
    Ever have to pay taxes on wages you did not make, cause your Social Security number was used by an illegal alien?
    Ever wonder why you pay 12 to 23 percent intrest on credit cards from a bank? While banks will only give you 2 to 3 percent for using your money?
    Are you a little clueless as to how oil companies had record breaking profits last year? Was it due to the fact that prices were rediculously high?
    "its their problem".... your the "freaking idiot"
    Love ya sweety
    Clown Smash

    reply to this | link to this | view in thread ]

  8. identicon
    Stoned4Life, Feb 1st, 2006 @ 12:14pm

    Re: i am amazed

    The last time I checked, it still hurts your credit score. Even after you get through the hassle of combating your credit card company about the possible fraudulant charges, I think you still have to take another route to fix your credit score.

    reply to this | link to this | view in thread ]

  9. identicon
    Rikko, Feb 1st, 2006 @ 12:39pm

    Re: i am amazed

    Ideal solution being to eliminate this "credit" shit we've based our lives around and resort to the "good old days" where people bought what they had money for and not pay gobs to money to someone for not doing anything.

    reply to this | link to this | view in thread ]

  10. identicon
    TJ, Feb 1st, 2006 @ 7:45pm

    Re: i am amazed

    My experience may be no more reliable a measure of what is common than what your experience has been, but based on my experience I would advise against phoning the CC company in the case of credit card fraud.

    Every CC statement has info about contacting the company and states that phoning may not preserve your rights. I've had one instance of my card # being abused, with five fraudulent charges during one billing period. I mailed a letter to the company listing the fraudulent transactions, asking that the charges be reversed because they were fraudulent and that the company contact me if it needed any additional documentation from me. My understanding is that by law a CC company has to put on hold or reverse charges you say in writing are fraudulent until/unless the company can verify otherwise.

    In less than a week all the charges had been reversed without any further contact, and I never had to spend another minute on the matter. It would have been better had it never happened, but approaching the problem the right way can keep the hassle to the minimum necessary.

    reply to this | link to this | view in thread ]

  11. identicon
    Trollbuster, Feb 2nd, 2006 @ 9:33am

    Re: i am amazed

    Dude.... have *none* of you figured out that TPP is a Techdirt troll?

    reply to this | link to this | view in thread ]

  12. identicon
    Joanne, May 25th, 2006 @ 4:27pm

    Free Online Credit Score Calculator

    I like the online credit score calculator at http://www.moneyforums.co.uk/credit_score_calculator.php

    It allows me to play around with the various options so that I can figure out what to do or say to up my credit score rating, very useful :)

    Cheers !


    reply to this | link to this | view in thread ]

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Insider Shop - Show Your Support!

Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.