The news has recently been abuzz with several well-publicized incidents of theft of credit information from several processing agencies. The most well-publicized was a a security hole at CardSystems Solutions, Inc.. that allowed as many as 40 milliion cardholders to have their account information compromised.CardSystems, a processor of electronic payments, was a victim of a virus introduced into their in-house computer network that allowed distant hackers to access their network. This would be enough to cause most owners of credit card accounts to panic, but it gets even worse - CardSystems wasn’t even supposed to have that information in the first place. After clearing a credit transaction, card processors are supposed to delete the information.

CardSystems seems to have “inappropriately” held on to the account information for what a company spokesman called “research purposes.” The only bright side to this theft is that the thieves were able to obtain credit card numbers only, and not the Social Security numbers that went along with them, which might have made millions of cases of identity theft possible. The relationships between the major credit card companies and the companies that process their transactions have terms that are usually dictated by the card companies. They are, by trusting the processors with sensitive information, supposed to keep an eye on the processors in order to make sure that the information is handled appropriately.