The credit card industry focuses too much on reducing its own fraud costs and not enough on protecting consumers

That's the central claim in a new report from research firm Gartner that slams credit card companies for failing to notify consumers when credit card records are compromised by malicious hackers. The report notes that while credit card companies' "zero-liability" policies protect card holders from paying for unauthorized or fraudulent charges, they do not protect consumers from identity theft and the credit report hell that can follow. Avivah Litan, Gartner vice president and the report's co-author, said when security breaches happen, banks that issue credit cards seldom notify consumers. On Feb. 18, Visa, MasterCard and American Express confirmed that a malicious hacker had gotten access to 8 million credit card records through Data Processors International, a company that processes credit card transactions for mail order and online businesses. The credit card companies quickly issued statements saying none of the stolen card-holder information was used fraudulently, and that all card-issuing banks had been alerted to the problem.