Log in

No account? Create an account
entries friends calendar profile Metphistopheles Previous Previous Next Next
Thanks, Homer! - Blather. Rants. Repeat.
A Møøse once bit my sister ...
Thanks, Homer!
No, not the one in the icon. Or Iliad guy. Or the original and long-forgotten Mets mascot. No, your vitriol of the day is for this one:

THAT Homer is the lovable mascot of the Home Despot, and it's his ilk that have me working for free today on account of their stupidity.

I got my new bank debit Mastercard in the mail yesterday, ten months ahead of expiry. I got it because Homer & Co. allowed our previous bank debit Mastercard to get hacked- not just the 16 digits but the PIN, so the bank erred on the side of caution (mainly to save its own ass if the script kiddies drained my account, which the bank, not I and not Homer, would be liable for) and sent out new ones to everybody.

Am I right to complain? After all, these naughty hackers are smart, and ruthless, and can penetrate just about any level of corporate security, right?

Well, they can probably crack the 1-2-3-4-5 code to open my luggage- and that's about all Homer expected of them:

Home Depot’s in-store payment system wasn’t set up to encrypt customers’ credit- and debit-card data, a gap in its defenses that gave potential hackers a wider window to exploit, according to interviews with former members of the retailer’s security team.

It’s unclear whether that vulnerability contributed to the hack that Home Depot announced on Sept. 8. Yet five former staffers describe a work environment in which employee turnover, outdated software, and a stated preference for “C-level security” (as opposed to A-level or B-level) hampered the team’s effectiveness. The former workers, including three managers, asked that their names not be used because they fear retribution from their former employer; some now work for companies that perform security functions for Home Depot.

Although the company this year purchased a tool that would encrypt customer-payment data at the cash register, two of the former managers say current Home Depot staffers have told them that the installation isn’t complete.

Gee, THAT's reassuring. So in order to maintain profit levels, stock price and upper-level performance bonuses, look what Homer hath wraught:

* Banks, fearing liability to customers (who almost instantly started getting hacked within days of the breach), sent (and spent for) millions of new cards, plus millions of separate mailings containing the new PIN;

* Users (that's me!) have to activate the new card, instantly rendering the old one useless as a PIN-enabled card for stores or ATMs because I don't have the new PIN yet;

* Users also have to figure out which subscriptions, memberships and other accounts use the old number and then slog around, either in person or online, to change them to the new one (Eleanor's gym membership, Amazon, GOK what else).  And if any of these aren't changed? Most of these outfits will happily charge YOU an overdraft fee or its equivalent because their payment didn't go through- because it isn't their fault any more than it's yours, or your bank's.

And hey! Guess what? JPMorgan Chase just announced that IT got hacked, too, and half the credit card numbers in the flippin' country are up for bid on The Hack Is Right!  So even though I haven't had a Chase card in close to a decade or ever had them as a depository bank, I KNOW I've used one of their payment processing pads within the past week and I therefore fully expect to have to do this shiz all over again NEXT month.

Too bad there isn't technology to make this much harder.... oh wait, there is. It's called Chip-and-PIN, and Europe, even freakin America Junior to our north, have had it for years. But Mercun companies think it's too close to the Mark of the Beast or something and they won't do it (notable exception: Wegmans, which has a lot of Canadian customers and really likes taking their money as conveniently as possible).

Maybe now, guys?

Leave a comment