Debit card security breached at Bank of America

A security breach involving an undisclosed company has prompted Bank of America to cancel the debit cards of numerous customers, a spokesman for the US' largest bank said on Tuesday.

Bank of America refused to release the name of the company involved, the exact number of customers affected or whether the company in question was online or a traditional brick-and-mortar establishment.

The case is unusual in that debit cards appeared to be at risk. Credit cards are typically involved in security breaches at financial institutions because they are used more often than debit cards for retail transactions.

A bank spokesman said: "These are intricate matters... and may involve information that is not exactly clear and concise. It would be premature to discuss any third parties until an investigation is conducted."

He added that there is no evidence any of its customer accounts have been compromised. The move to cancel debit cards was a precaution, he said.

According to the spokesman, an investigation is under way but he added that he was unaware of which law enforcement agency was overseeing it.

Bank of America issued letters to many customers notifying them of the breach and telling them their debit cards were no longer good. The bank is also informing customers to watch out for any unauthorised transactions on their statements.

The spokesman said: "As a proactive security-minded effort, we may take steps to replace people's cards. We know this can represent a minor inconvenience. The question is, would we rather risk inconveniencing customers and protect their information and accounts, or do we just do nothing?"

Greg Sandoval writes for CNET News.com