As two separate issues.

[Bank of America isn't claiming that the system is foolproof.] There are always people out there looking to get around fraud measures, ... So we'll continue to work to stay ahead of the fraudsters.

We are in the process of notifying some customers.

This is really to give our customers greater peace of mind so they know that when they come to the Bank of America site that it is indeed the real Bank of America site.

Customer data may have been compromised as a third-party unrelated to Bank of America. As standard procedure, if we see misuse, or the potential for misuse, we do not only notify the customer but block the card.

There are always people out there looking to get around fraud measures. So we'll continue to work to stay ahead of the fraudsters.

Merchants decide how much to place on hold for authorizations and the issuing bank makes a decision on how long to place the hold.

It's standard procedure to do this if we see misuse or potential misuse of a customer's card. We can block them and reissue new cards.

We have notified some card customers that their information may have been compromised.