I had to decide whether this belonged under 'security' or 'stupidity' - I decided that the latter was far more descriptive. There's a report out on a fairly serious loss of data by Citibank (and a bunch of other banks) - someone hacked into a system and stole a bunch of card data - including the PIN numbers - for a set of debit cards. The stupidity is in this quote:

"This is the worst hack ever," Litan maintained. "It's significant because not only is it a really wide-spread breach, but it affects debit cards, which everyone thought were immune to these kinds of things."

Unlike credit cards, debit cards offer an additional level of security: the password-like Personal Identification Number, or PIN.

"That's the irony, the PIN was supposed to make debit cards secure," Litan said. "Up until this breach, everyone thought ATMS and PINs could never be compromised."

Who exactly is "everyone"? The dumber flacks in the PR department? And to cap it off, here's her non-solution solution:

"Security is tight at the ATM, but point-of-sale is a whole other story," said Litan. "Look at your [debit card] account on a regular basis, and don't use a PIN-based debit card at point-of-sale," she recommended. "I never do."

Yeah, I'd much rather carry my checkbook with me everywhere, like it was 1978 all over again. Another thing - a regular credit card at the POS won't be any safer from a fraud standpoint - if the stores aren't careful with the data, then it doesn't much matter.