From TheIndyChannel.com:
A major credit card company is investigating how more than a hundreds statements were made available online after an Indiana woman alerted them to the problem.
Constance Wilson had logged in to pay her Aspire Visa card bill when she instantly had access to 120 other statements from people in Indiana and 31 other states.
[…]
When Wilson called CompuCredit, the Atlanta-based company that manages the Aspire card, they told her what she was describing wasn’t possible.
Company officials changed their tune when Call 6 contacted them regarding the breach.