What Causes Credit Card Issuers To Raise Interest Rates?
Suze Orman And the FDIC Partner To Help Consumers With Determining Bank Account Insurance Status

Bank of New York Mellon's Data Breach Widens

Recently, an I've Been Mugged reader wrote to me via e-mail:

"I just received a letter from Mellon today 09/19/08 regarding my personnel information being lost. I found your blog today while trying to go to their web site. This has to be a scam."

Unfortunately, the Bank of New York Mellon's data breach is real. According to CNN Money, the bank's original estimate of affected data breach victims has been revised from 4 million to 12 million. The Hartford Courant reported that the number of affected Connecticut residents increased from 500,000 in May to 635,000. The Boston Globe reported that the number of affected Massachusetts residents increased from 200,000 in May to about 400,000.

In my opinion, the bank's president, CEO, CSO (Chief Security Officer), and CIO (Chief Information Officer) should all be fired immediately due to this mess. How could the bank be so wrong with the number of affected customers? According to the CNN Money article:

"... a third-party re-examination of the analysis applied to the lost tapes has revealed that the affected number of individuals is actually about 12 million, Heine said. The company is in the process of notifying the additional consumers."

It would seem that the company didn't know exactly what was on the lost (or stolen) data tapes. this reminded me a lot of IBM's data breach last year involving lost/stolen data tapes. Since I had moved my residence several times, IBM found me by hiring a private investigator to locate my current residential address. The same may also apply to many Bank of New York Mellon customers, who had terminated their accounts with the bank, while the bank archived their sensitive personal data. And, the investigator may have accurately contacted some consumers and inaccurately contacted others.

If you aren't sure if the breach notification letter you received is real or a scam, read this blog post about how to determine the letter's authenticity. If you received a breach notification letter from the Bank of New York Mellon, you might call the phone number listed in the letter (or in the web site) and ask them how they verified that you are indeed affected... how they are certain it's you. Ask probing questions and don't let them off easy.

And remember... you have a choice about how to protect your identity and financial information. If you are a Bank of NY Mellon breach victim, you have a choice. You can accept the credit monitoring offered by Bank of NY Mellon, or you can use another credit monitoring service that best suits your identity protection needs. Everyone's needs are not the same.


Feed You can follow this conversation by subscribing to the comment feed for this post.

The comments to this entry are closed.