Attorneys general want firm to inform customers of breach

Wednesday, June 29, 2005 | 9:25 a.m.

NASHVILLE, Tenn. -- The attorneys general of 44 states demanded Tuesday that the credit card processor responsible for a breach that exposed 40 million cardholders to possible fraud inform affected consumers about the risk.

In a terse letter sent to CardSystems Solutions Inc., the law enforcement officials said the company needs to tell exactly what happened when a computer hacker may have gained access to millions of credit card numbers.

Officials have called it one of the largest security breaches involving consumer data. Atlanta-based CardSystems Solutions processes credit card and other payments for banks and merchants. All brands of credit cards could be affected, and records pertaining to at least 200,000 are known to have been stolen, primarily MasterCard and Visa cards.

"It is the responsibility of CardSystems Solutions, Inc. to make sure the public is aware of this security breach ... and to take the appropriate action to make sure it doesn't happen again," said Tennessee Attorney General Paul Summers.

The letter called the company's action "unacceptable."

Company officials in Atlanta and Tucson, Ariz., did not immediately return calls seeking comment.