Data Breach Exposes Up To 100 Million Credit Cards
Heartland Payment Systems announced yesterday that cyber criminals compromised its computer network, gaining access to customer information associated with the 100 million card transactions it handles each month.
From CNET:
Heartland Payment Systems, which processes payroll and credit card payments for more than 250,000 businesses, reported Tuesday that consumer credit card data was exposed in what may be the largest security breach ever.
In a statement that coincided with President Barack Obama’s inauguration events, Heartland said the breach occurred last year but that it found evidence of the intrusion last week and immediately notified law enforcement and credit card companies.
Robert H.B. Baldwin Jr., president and chief financial officer of Heartland, told CNET News he did not know how many credit and debit card accounts may have had their information exposed. The company handles 100 million transactions per month but does not know exactly how many unique cards or consumers that translates to, he said.
“We could do that analysis but we have not done it,” Baldwin said. “The question is what percentage of transactions did the malware capture and what percentage got out to the bad guys?”
He also would not say when the malware arrived in its system. “We have suspicions as to when, but can’t nail that down. We’re still working on how” the malware got there, he added. “We believe the intrusion is contained.”
“We understand that this incident may be the result of a widespread global cyber fraud operation, and we are cooperating closely with the United States Secret Service and Department of Justice,” Baldwin said in the statement.
No merchant data, cardholder Social Security numbers, or unencrypted PINs, addresses, or telephone numbers were exposed, the company said.
From Fox News:
The company said it couldn’t estimate how many customer records may have been improperly accessed, but said the data compromised include the information on a card’s magnetic strip — card number, expiration date and some internal bank codes — that could be used to duplicate a card.
Heartland, of Princeton, N.J., processes transactions for more than 250,000 businesses nationwide, including restaurants and smaller retailers.
Avivah Litan, an analyst at research company Gartner, called it the largest card-data breach ever, based on her conversations with industry executives.
Previously, the largest known breach occurred when around 45 million card numbers were stolen from retail company TJX Cos. in 2005 and 2006.
Robert Baldwin, Heartland’s president and chief financial officer, said it was too early to say how many records were accessed and that calling it the largest-ever breach would be “speculative.”
This entry was posted on January 21, 2009 at 7:16 am and is filed under Uncategorized. You can subscribe via RSS 2.0 feed to this post's comments.
Tags: Barack Obama, CNET, Credit Card, Credit Card Breach, Cyber Criminal, Data Breach, Economy, Encryption, Heartland, Heartland Payment Systems, Malware, Obama, Recession, Robert Baldwin, Security Breach, Social Security, TJ Maxx, TJX, TJX Breach
You can comment below, or link to this permanent URL from your own site.
