What You Need to Know about the Kmart Breach & the Compromised Card Process

A few days prior to the Kmart breach being identifiable as the root case for card exposure and as part of the Alegeus Fraud Prevention Program in partnership with Mastercard and Visa, Alegeus began to proactively communicate to clients identifying specific cards exposed to possible compromise by a third party, such as a merchant and in this case Kmart. As part of the Mastercard and Visa compromised card process, the payment processor notifies Alegeus anytime a compromise has occurred and provides a list of impacted card accounts.

This does not mean that impacted cards have been subject to fraudulent activity. A compromised card alert is specific to the exposure of card data only. And, the information provided to Alegeus is limited around the details of the event if, and until, it is made publicly available.

What to expect from Alegeus

Should you, an Alegeus client, be included in an impact list, Alegeus will notify you and provide best practice security measures and employer communication strategies to follow. With an event like the Kmart breach, we can expect to see additional cards reported as the investigation continues. As new cards are reported to Alegeus by Mastercard and Visa, notifications will follow.

What to do when client cards are impacted

While Alegeus has limited insight into the details of such an event, we will recommend precautionary measures to protect participants.

  • In the Alegeus platform, mark each exposed card as lost/stolen.
  • Reissue cards to the affected participants. While the cards are in transit, participants will not have access to an active benefit card, but this is a best practice to protect you and your participants.
  • Notify impacted cardholders so they can monitor their accounts for suspicious activity and, if applicable, submit eligible expenses for reimbursement while their new cards are in transit. When Alegeus communicates to you about applicable exposed cards, we also provide a participant communication letter for you to leverage in your outreach, providing necessary details and instructions for participants to follow.

Read more about the breach: Krebs on Security – Credit Card Breach at Kmart Stores. Again.

Sign up for our newsletter

Related content

See all insights

Closing the gap in healthcare payment tech

The future of tech and the health benefits industry

COVID-19 Healthcare Spending Trends and Recovery Index

Consumers Primed for HSA Education

Episode 02: Driving down the cost of healthcare with AI

IRS releases 2021 cost-of-living adjustments for certain tax provisions

High-tech and high-touch: a conversation with Thad Hamilton of TRI-AD

Myth #3: High-deductible health plans are the more expensive option

HRA limit will not increase for 2021

How to sell employee benefits during a recession

Myth #2: HSAs are for short-term medical expenses only

HSA and 401(k): Making the most out of both benefit accounts