One point six billion ($1.6 b): That's what Protregrity puts the cost of the TJMax credit identity heist revealed two weeks ago. At 45.5 million lost records, that comes to about $37 a piece.
Ha! I say not even the tip of the iceburg.
Those lost records are just now being identified in fraudulent transactions, which could amount to billions. Most recently Walmart ate more than $7 million in televisions, computers and other high ticket items when its systems discovered - too late - the cards used to purchose said items were bogus.
Do we think the scammers just sat on that data until now? No. They've been charging and charging and charging to their heart's content for well over a year. That's why I say losses are in the billions.
The fear generated by the TJMax case was palpable at Visa's Security Summit on trust March 7 and 8. You could see it in the eyes of the 400 attendees, including the CEO's and CSO's of the world's largest banks and retailers. At meals and during sessions, they talked worriedly about the TJMax implications.
It's not just that TJMax's customer databases were 'owned' by criminal crackers since at least a year ago that gathered all this attention. It's that one of them, a big retailer with all of its money for security budget, could have such a huge, gaping oversight.
It could be any of them, they knew. Even if they followed every PCI and Verified by Visa standard that were possible, they could still end up splashed in the headlines like TJMax. Or, worse, that they already have been compromised and don't even know it.