I got a new check card in the mail this week, thanks to a security breach this month at B.J.’s Wholesale Club. It seems some script kiddies spent time in the parking lot, capturing unencrypted point-of-sale 802.11b traffic (my speculation only, as I can’t find many details on the actual attack). Their haul was a few hundred card numbers at the most, but enough to get the attention of BJ’s and many banks.
Odds that our card number was swiped are pretty low, considering the theft occured at only a few stores. Still, it shows that many retailers and other businessess aren’t taking the most basic care to keep your data safe.
Now would be a good time to hang out your shingle if you were in the security business. I guarantee you won’t be bored.
All of this aside, I’ve long had a beef with just how insecure credit cards are in general. With the advent of smartcards and digital cash, you’d think we’d be so far beyond this by now.
I forgot to mention that BJ’s gets much praise for being so upfront on this security breach. It’s right on top of their homepage.
Lots of companies would probably sweep this under the rug.