Someone broke into one of my credit card accounts online. I discovered this because I got email confirming my mailing address change. My… what? I signed on and had to reset the password, which had been changed. This can’t be good. Hey! I have an address in New York City now?
I called them up and after some confusion we confirmed that I do not live in New York, nor did I buy anything from eBay today. They’re sending me a new card. More unfortunately, the rep told me that whoever changed my address had the security code from the back of the card, indicating that they’d either had physical possession of the card at one time, had sold me something online, or had cracked some database at Chase (he didn’t mention that last possibility).
Punchline: The account that was compromised only had $160 in credit available on it.