Friday, March 17, 2006
The recent breach of debit card numbers and PINs is estimated to have affected 600,000 customers. Customers complained of unauthorized PIN-based charges happening across the US and internationally. Debit cards had to be deactivated and reissued to prevent losses to any customer account that may have been affected. Two of the hardest-hit institutions are naturally two of the largest, Bank of America and Washington Mutual. Both institutions have now reacted by offering an alert service. Sanjay Gupta, Bank of America's e-commerce executive, said "We're giving customers more ways to detect fraud and keep an eye on their accounts. They can decide what they want to hear about and where they want to be told."
While these two banks have different programs, each offers some of the following features: email and text messages alert customers when passwords are changed, when purchases or withdrawals exceed a user-specified dollar limit, or when the balance falls below a user-specified threshold. Emails may be sent to a home or work email address and even to BlackBerry and Treo devices.
It still appears that PIN and debit card information was retained somewhere, and that this data was accessed and used. Storing encryption keys and customer data is prohibited under section 3.2.3 of the Payment Card Industry data security standards. OfficeMax, thought to be a key source of this massive breach, said that an independent and an internal investigation by security experts found no indication that their customer information was breached.
The FBI and Secret Service are still investigating. But the finance industry is beginning to ask itself the more important question: could this happen again? Security programs such as the two above should gain in popularity and provide better protection against the recurrence of an event such as the one we've just seen.
