1

Retailer sues Visa: Are credit card companies too strict on hacking?

Tennessee-based retail chain Genesco is suing Visa, saying the penalty it paid for a data breach was wrong.

Big credit card companies are strict about what they expect from merchants when it comes to protecting credit card data from hackers. When retailers sign up to use Visa or other cards, they agree to safeguard data in certain ways. And if they get hacked, the penalties can be heavy.

Now the Tennessee-based retail chain Genesco is suing Visa, saying the penalty it paid for a data breach was wrong. Genesco, the company behind shopping mall stalwarts Johnston and Murphy, Journeys, and Lids, argues that, while a hacking tool was found in their system, there is no evidence hackers actually accessed sensitive information.

Though strict security standards may benefit customers, credit card companies may have overstepped their role in issuing penalties, according to Kim Zetter, senior writer at Wired.

"They have taken on the position of a federal regulatory agency," says Zetter. "Generally what happens is a company gets hacked and there might be a class action lawsuit from the customers whose data was stolen, but in this case it’s the credit card companies, and they are making millions off of this."

About the author

David Brancaccio is the host of Marketplace Morning Report. Follow David on Twitter @DavidBrancaccio
Log in to post1 Comment

Frankly, I'm glad Visa's acting like a regulatory agency. The federal agencies that should be overseeing card processing transactions are behind the times and understaffed. Given the sequestration, I don't see that changing any time soon. In this case, Genesco should be fined heavily; a hacker kit is a serious breach, per se. If a hacker organization was able to place it, they can easily use it at a time of their choosing.

If we want smaller gov't. AND still want its functions performed, we must accept that private businesses will perform them. In fact, Republicans explicitly want this. If the courts decide that U.S. laws don't permit this, then the next logical step would be to amend those laws.

With Generous Support From...