|
|
01-01-2011, 09:26 AM
|
#61
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Jun 2002
Location: Texas: No Country for Old Men
Posts: 50,022
|
Looks like I spoke too soon.
When checking my CC balance this morning I noticed I was issued a new CC number today. Unfortunately the transferred balance does not include the payment (in full) I made to the CC yesterday. The old card shows the correct payment amount, the new one shows the amount as a debit, which cancels out the payment. Sigh...
More emails and phone calls next week to straighten this out. I've enjoyed the 5% discount on gas for the cars and diesel for the RV, but my hassleometer has just about pegged.
__________________
Numbers is hard
|
|
|
|
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!
Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!
You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!
|
01-01-2011, 10:43 AM
|
#62
|
Moderator
Join Date: Feb 2010
Location: Flyover country
Posts: 25,362
|
Don't worry about it.
I'm being issued two new card numbers from PFCU, and the double accounting has been going on for a couple of weeks now.
They can take 3-4 days to properly reconcile the entries between old and new cards when I check their website, but they always get it right with no prodding from me.
Still haven't physically received the new cards yet, but I'm not concerned since they said it was OK to keep using the old ones until I activate the new ones.
__________________
I thought growing old would take longer.
|
|
|
01-01-2011, 02:17 PM
|
#63
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Dec 2008
Location: On a hill in the Pine Barrens
Posts: 9,722
|
I'm storing the PDF statements that are online at PFCU. Also doing this with my AMEX statements.
I have also been notified that a new CC has been issued. I was thinking it was one of my merchants, but see I am wrong.
Oh well.
|
|
|
01-06-2011, 09:15 AM
|
#64
|
Full time employment: Posting here.
Join Date: May 2007
Posts: 984
|
Got my replacement card today and also a separate letter about "a recent discovery of a data security breach in mid December 2010 in which some of your personal information was improperly accessed". They are offering two years of access to ID TheftSmart through Kroll Inc. Figured something like this had happened since this was my second card replacement in two months.
|
|
|
01-06-2011, 10:08 AM
|
#65
|
Thinks s/he gets paid by the post
Join Date: Apr 2006
Posts: 1,684
|
Saw this today: Malware snags Pentagon Federal CU member’s SSN and data | Office of Inadequate Security
"According to a letter sent to the state on December 30, on December 12, PenFed discovered that a laptop had been infected with malware. The compromise allowed access to a database containing names, addresses, Social Security Numbers, credit card and/or debit card numbers, and PenFed account numbers for PenFed members, joint owners, former members, employees, and beneficiaries. "
This is one that they know about. It makes one wonder what other breaches are undetected. At any rate, the user of this laptop is/was one of those "trusted individuals" with access to information.
Edit to add: I wish it were not so, but I am afraid that going forward this type of event is going to become business as usual until there is a major technology breakthrough in data security.
I bet the card issuers have gotten or will get very efficient at reissuing cards for possibly compromised accounts.
|
|
|
01-06-2011, 10:22 AM
|
#66
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Jun 2002
Location: Texas: No Country for Old Men
Posts: 50,022
|
Thanks Rustward. Now we know why...
__________________
Numbers is hard
|
|
|
01-06-2011, 02:29 PM
|
#67
|
Moderator
Join Date: Feb 2010
Location: Flyover country
Posts: 25,362
|
This is why I have several credit cards. Imagine being on a foreign trip, when you really need a credit card, and suddenly find out your primary card has been compromised and frozen.
It has happened to me, once in England and once in Belgium.
My main card is the PFCU Visa, because of the great rewards program.
But I also have:
USAA MasterCard, which has a decent rewards policy
REI Visa, I buy a lot from them and using their card gets their annual rebate
Hilton Amex, because I frequently stay at Hampton Inns
PFCU Amex, to get that great signing bonus
When I travel, I carry all of them, just to be on the safe side. If one or two have a problem, I'm still covered with the others.
__________________
I thought growing old would take longer.
|
|
|
01-06-2011, 05:40 PM
|
#68
|
Moderator Emeritus
Join Date: Dec 2002
Location: Oahu
Posts: 26,860
|
Quote:
Originally Posted by braumeister
My main card is the PFCU Visa, because of the great rewards program.
But I also have:
USAA MasterCard, which has a decent rewards policy
REI Visa, I buy a lot from them and using their card gets their annual rebate
Hilton Amex, because I frequently stay at Hampton Inns
PFCU Amex, to get that great signing bonus
When I travel, I carry all of them, just to be on the safe side. If one or two have a problem, I'm still covered with the others.
|
Do you seen an effect on your credit rating?
I have four cards: two of which I routinely carry, a third with a credit limit I'll never qualify for again, and a fourth that used to be shared with my daughter before she was old enough to get her own.
Spouse has one credit card, and her credit score routinely comes in 20-30 points higher than mine.
I'm planning to get rid of the fourth card and I may even get rid of the third card. I figure a primary and a back up is "good enough". Anything beyond that may just be inviting trouble.
__________________
*
Co-author (with my daughter) of “Raising Your Money-Savvy Family For Next Generation Financial Independence.”
Author of the book written on E-R.org: "The Military Guide to Financial Independence and Retirement."
I don't spend much time here— please send a PM.
|
|
|
01-07-2011, 01:55 PM
|
#69
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Dec 2008
Location: On a hill in the Pine Barrens
Posts: 9,722
|
"We are writing to inform you of our recent discovery of a data security breach in mid December 2010 in which some of your personal information was improperly accessed."
That's the first sentence of two-page letter received today. This is more serious than "a computer got infected."
I'm not impressed with PFCU at all. It is Jan 7th and this is first written notification. I received a phone call and an email, but no details given. As of today I don't have a replacement CC.
Just activated free 2-yr subscription to kroll's service for id protection. Now my personal information is safely stored at another company.
|
|
|
01-07-2011, 02:44 PM
|
#70
|
Thinks s/he gets paid by the post
Join Date: Apr 2006
Posts: 1,684
|
Quote:
Originally Posted by target2019
"We are writing to inform you of our recent discovery of a data security breach in mid December 2010 in which some of your personal information was improperly accessed."
That's the first sentence of two-page letter received today. This is more serious than "a computer got infected."
I'm not impressed with PFCU at all. It is Jan 7th and this is first written notification. I received a phone call and an email, but no details given. As of today I don't have a replacement CC.
Just activated free 2-yr subscription to kroll's service for id protection. Now my personal information is safely stored at another company.
|
Don't get too worked up about it. Anywhere else you could go has the same vulnerabilities.
|
|
|
01-07-2011, 02:47 PM
|
#71
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Dec 2008
Location: On a hill in the Pine Barrens
Posts: 9,722
|
Quote:
Originally Posted by Rustward
Don't get too worked up about it. Anywhere else you could go has the same vulnerabilities.
|
What do you base your statement on?
|
|
|
01-07-2011, 03:50 PM
|
#72
|
Moderator Emeritus
Join Date: Oct 2007
Location: Portland
Posts: 4,946
|
Quote:
Originally Posted by Rustward
Don't get too worked up about it. Anywhere else you could go has the same vulnerabilities.
|
Yup. Sadly, all it takes is an employee to plug an infected laptop into the corporate network. Any file server or database containing something that looks like credit card data will be spotted, reported up the botnet to it's operator, and likely pilfered within seconds. An exceptionally opportunistic operator will put a logger onto a machine within the network to provide a steady supply of new or updated records. (See the 2008-2009 Heartland Payment Systems hack...)
Very few companies operate their database/file servers on an isolated network, with no routes out to the Internet. The ones that think they do probably haven't checked for machines 'bridging' between the private net and one with Internet access. (Probably added by some IT type who wanted to play a little Farmville while shuffling the database backups...)
|
|
|
01-07-2011, 04:05 PM
|
#73
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: May 2008
Location: No fixed abode
Posts: 8,765
|
Quote:
Originally Posted by Rustward
Don't get too worked up about it. Anywhere else you could go has the same vulnerabilities.
|
Quote:
Originally Posted by target2019
What do you base your statement on?
|
I agree with Rustward, and I worked in network security for 15 years. This is par for the course. It sucks, but it can't be helped. Back when I was still paying close attention I would get a data security breach notification for some company or gov't agency pretty much every day. Security is important, but never as important as getting the job done. Except the military. They don't care how inconvenient it is to accomplish something, as long as it's secure. But not private companies, and not civilian gov't groups. It's just part of life.
__________________
"Good judgment comes from experience. Experience comes from bad judgement." - Anonymous (not Will Rogers or Sam Clemens)
DW and I - FIREd at 50 (7/06), living off assets
|
|
|
01-07-2011, 04:41 PM
|
#74
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Dec 2008
Location: On a hill in the Pine Barrens
Posts: 9,722
|
Quote:
Originally Posted by harley
I agree with Rustward, and I worked in network security for 15 years. This is par for the course. It sucks, but it can't be helped. Back when I was still paying close attention I would get a data security breach notification for some company or gov't agency pretty much every day. Security is important, but never as important as getting the job done. Except the military. They don't care how inconvenient it is to accomplish something, as long as it's secure. But not private companies, and not civilian gov't groups. It's just part of life.
|
I don't agree with the statement that "Anywhere else you could go has the same vulnerabilities." So I asked what that was based on. I don't doubt that you read daily security briefings, and all types of things were happening. I know that, since I read similar each day. I don't believe that all companies are this lax. I do know that many are, but exactly how many? In the past my wife's data has been lost a few times. Each time it was a healthcare company, and it was peculiar that the story was the same each time. An employee had a laptop, and lost it.
This penfed event is different. The letter says my personal information was improperly accessed. Notice the "was".
So the question, in this penfed topic, is whether the company has suffcient ISS layers of protection. My read on the incident is that penfed would not get high ratings on the security scale.
|
|
|
01-08-2011, 09:43 AM
|
#75
|
Thinks s/he gets paid by the post
Join Date: Apr 2006
Posts: 1,684
|
Quote:
Originally Posted by target2019
What do you base your statement on?
|
Short answer is:
32 years in Data Processing / Management Information Systems / Information Technology
|
|
|
01-08-2011, 12:48 PM
|
#76
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Jun 2006
Location: Boise
Posts: 7,882
|
Quote:
Originally Posted by Nords
Do you seen an effect on your credit rating?
I have four cards: two of which I routinely carry, a third with a credit limit I'll never qualify for again, and a fourth that used to be shared with my daughter before she was old enough to get her own.
Spouse has one credit card, and her credit score routinely comes in 20-30 points higher than mine.
I'm planning to get rid of the fourth card and I may even get rid of the third card. I figure a primary and a back up is "good enough". Anything beyond that may just be inviting trouble.
|
I have 27 credit cards and my CreditKarma score is hovering around 780. From looking at their data, that is more due to the young average age of accounts rather than the large number of accounts.
My then-wife's score was always higher than mine as well, which I thought was strange since I was the breadwinner and she was a SAHM. Whatever.
I do plan to get rid of several of the smaller lines that are no longer useful.
2Cor521
__________________
"At times the world can seem an unfriendly and sinister place, but believe us when we say there is much more good in it than bad. All you have to do is look hard enough, and what might seem to be a series of unfortunate events, may in fact be the first steps of a journey." Violet Baudelaire.
|
|
|
01-08-2011, 01:13 PM
|
#77
|
Moderator
Join Date: Feb 2010
Location: Flyover country
Posts: 25,362
|
Quote:
Originally Posted by Nords
Do you seen an effect on your credit rating?
|
Not at all.
I had an opportunity last year to check my score for free, and it was 808. Can't complain about that.
__________________
I thought growing old would take longer.
|
|
|
01-08-2011, 01:51 PM
|
#78
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: Dec 2008
Location: On a hill in the Pine Barrens
Posts: 9,722
|
Quote:
Originally Posted by Rustward
Short answer is:
32 years in Data Processing / Management Information Systems / Information Technology
|
So most places is the places you've worked?
|
|
|
01-08-2011, 02:21 PM
|
#79
|
Thinks s/he gets paid by the post
Join Date: Apr 2006
Posts: 1,684
|
I worked for vendors for 20 years and had contact with more places than the average IT worker.
|
|
|
01-08-2011, 03:20 PM
|
#80
|
Give me a museum and I'll fill it. (Picasso) Give me a forum ...
Join Date: May 2008
Location: No fixed abode
Posts: 8,765
|
Quote:
Originally Posted by target2019
I don't agree with the statement that "Anywhere else you could go has the same vulnerabilities." So I asked what that was based on. I don't doubt that you read daily security briefings, and all types of things were happening. I know that, since I read similar each day. I don't believe that all companies are this lax. I do know that many are, but exactly how many? In the past my wife's data has been lost a few times. Each time it was a healthcare company, and it was peculiar that the story was the same each time. An employee had a laptop, and lost it.
This penfed event is different. The letter says my personal information was improperly accessed. Notice the "was".
So the question, in this penfed topic, is whether the company has suffcient ISS layers of protection. My read on the incident is that penfed would not get high ratings on the security scale.
|
I'm not sure what the ISS layers of protection you mention is. But I'll stand by my statement that PenFed is no different than almost any other private company or gov't agency, as far as security is concerned. The only way to protect against a breach like they had is to do things like encrypt all data on all machines, and use single use authentication in order to access it. Also, no out-of-network access through laptops or remote computers that are not under the direct control of the corporate security organization. And while you can find these requirements in nearly every corporate or gov't security procedure list, they almost never actually get implemented. Too expensive, too complicated, and most of all, too inconvenient. It interferes with the making money aspect of business, which is job #1.
Sadly, the PenFed network was exploited by a bad guy, resulting in the need to do all the account changing, credit freezing and monitoring, and all the rest. My guess is that 99 out of 100 times a system gets compromised, nothing really bad comes of it. But that is not the result of better security, it's the result of luck. Even in the PenFed case, there have been no reports of misuse of the information. They are just reacting to the potential worst case.
I'm not trying to convice you to stick with Penfed. I'm not involved with them at all. But if you go somewhere else, be aware that most likely all the same opportunities for bad things to happen will exist there too.
__________________
"Good judgment comes from experience. Experience comes from bad judgement." - Anonymous (not Will Rogers or Sam Clemens)
DW and I - FIREd at 50 (7/06), living off assets
|
|
|
|
|
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
|
» Recent Threads
|
|
|
|
|
|
|
|
|
|
|
|
|
» Quick Links
|
|
|