Yes. Then one asks the next question: should that security breach be kept on record, or is that the end of it? If you don't keep it on record, someone who is doing that fraudulent activity could conceivably do it again with the same information years later.
On November 22nd, 2006. See this statement in context.