Banks Should Keep Your Data as Safe as Your Money

Fight disinformation: Sign up for the free Mother Jones Daily newsletter and follow the news that matters.

From the New York Times:

Citigroup’s revelation that hackers stole personal information from more than 200,000 credit card holders makes it one of the largest direct attacks on a major bank.

….Details remain scarce, but the disclosure of the Citigroup breach on Thursday quickly turned into a debate on whether the banks and major credit card companies had invested enough money to safeguard the personal information of their customers.

….“We’re not dealing with 14-year-old hacker kids,” said Steve Elefant, the chief information officer at Heartland Payment Systems, which overhauled its security measures after the systems it used to process credit and debit card transactions were hacked in 2008. “We’re talking about 21st-century bank robbers — sophisticated, organized criminal gangs, located mostly in Eastern Europe and the U.S.”

….Big credit card lenders are loath to acknowledge another reason that the breaches keep happening: they are in the business of reducing the financial losses stemming from fraud, not preventing data theft in the first place. As a result, analysts say, they have devoted the bulk of their resources to trying to stop fraudulent transactions from occurring.

Banks might indeed be loath to admit it, but the Times delicately hints at the reason this keeps happening: banks don’t care. And the reason they don’t care is because there are no serious penalties for these kinds of breaches and consumers have no ability to sue over them. What’s more, it’s consumers who end up having to clean up the mess if the hack results in ID theft or some other kind of fraud, not the banks. So why bother?

This is something that really ought to be a bipartisan outrage. Banks and other financial players don’t care very much about this stuff because they don’t have to pay much of a price for things like ID theft and data breaches, but they’d start caring if Congress passed legislation that made them responsible for these costs. That’s what Congress did in 1968 for credit card fraud, and banks started figuring out clever ways to reduce fraud mighty quickly. Make them responsible for data breaches and I’ll bet they’d figure out how to reduce those too. Alternatively, we could just pass some heavy-handed rules, as Europe has done. One way or the other, though, banks should be responsible for the cost of their own mistakes. That’s really not something that Republicans and Democrats should have much reason to disagree about.

WE CAME UP SHORT.

We just wrapped up a shorter-than-normal, urgent-as-ever fundraising drive and we came up about $45,000 short of our $300,000 goal.

That means we're going to have upwards of $350,000, maybe more, to raise in online donations between now and June 30, when our fiscal year ends and we have to get to break-even. And even though there's zero cushion to miss the mark, we won't be all that in your face about our fundraising again until June.

So we urgently need this specific ask, what you're reading right now, to start bringing in more donations than it ever has. The reality, for these next few months and next few years, is that we have to start finding ways to grow our online supporter base in a big way—and we're optimistic we can keep making real headway by being real with you about this.

Because the bottom line: Corporations and powerful people with deep pockets will never sustain the type of journalism Mother Jones exists to do. The only investors who won’t let independent, investigative journalism down are the people who actually care about its future—you.

And we hope you might consider pitching in before moving on to whatever it is you're about to do next. We really need to see if we'll be able to raise more with this real estate on a daily basis than we have been, so we're hoping to see a promising start.

payment methods

WE CAME UP SHORT.

We just wrapped up a shorter-than-normal, urgent-as-ever fundraising drive and we came up about $45,000 short of our $300,000 goal.

That means we're going to have upwards of $350,000, maybe more, to raise in online donations between now and June 30, when our fiscal year ends and we have to get to break-even. And even though there's zero cushion to miss the mark, we won't be all that in your face about our fundraising again until June.

So we urgently need this specific ask, what you're reading right now, to start bringing in more donations than it ever has. The reality, for these next few months and next few years, is that we have to start finding ways to grow our online supporter base in a big way—and we're optimistic we can keep making real headway by being real with you about this.

Because the bottom line: Corporations and powerful people with deep pockets will never sustain the type of journalism Mother Jones exists to do. The only investors who won’t let independent, investigative journalism down are the people who actually care about its future—you.

And we hope you might consider pitching in before moving on to whatever it is you're about to do next. We really need to see if we'll be able to raise more with this real estate on a daily basis than we have been, so we're hoping to see a promising start.

payment methods

We Recommend

Latest

Sign up for our free newsletter

Subscribe to the Mother Jones Daily to have our top stories delivered directly to your inbox.

Get our award-winning magazine

Save big on a full year of investigations, ideas, and insights.

Subscribe

Support our journalism

Help Mother Jones' reporters dig deep with a tax-deductible donation.

Donate