Responsibilities Related to Account Data Compromises
Bank of America Merchant Services reminds merchants that they must report a suspected or confirmed account data compromise event immediately.
Per a recent Visa® bulletin, merchants must immediately report any suspected or confirmed unauthorized access to cardholder information to Bank of America Merchant Services.
Data compromise events could be network intrusions, data breaches and skimming incidents involving Point of Sale (POS) devices that put merchants and cardholder data at risk.
If you suspect or have confirmation of a data security breach, you can report the incident two ways:
1. Contact Bank of America Merchant Services Customer Service at 1.800.228.5882;
2. Contact your business consultant, if applicable.
What to Do if Compromised
- Immediately report any suspected or confirmed data compromises to Bank of America Merchant Services.
- Do not delete or alter any data associated with a data compromise event or potential data compromise event during an investigation.
- Engage a Payment Card Industry Forensic Investigator (PFI) during the investigation process if needed.
- Report all exposed and at-risk accounts related to the data compromise event.
Failure to cooperate fully with an investigation may lead to additional assessments.
Additionally, merchants must maintain compliance with the Payment Card Industry Data Security Standard (PCI DSS) and PCI PIN Security Requirements. Compliance is crucial to protecting cardholder data and ensuring that customers can trust you with their sensitive card information.
Visit www.pcisecuritystandards.org for more information on approved PFI organizations as well as PCI DSS and PCI PIN Requirements.
• Click here to review the Visa bulletin for additional information
If you have any questions, please contact WordStock Support at 800- 444-7224 for assistance.
Bank of America Merchant Services