[infoshare] Hackers breach Heartland Payment credit card system - USATODAY.com

• From: "Luis Guerra" <jerseypalisades@xxxxxxxxxxx>
• To: <"Undisclosed-Recipient:;"@freelists.org>
• Date: Thu, 22 Jan 2009 13:18:44 -0500

      Hackers breach Heartland Payment credit card system

By Byron Acohido, USA TODAY
Heartland Payment Systems (HPY) on Tuesday disclosed that intruders hacked 
into the computers it uses to process 100 million payment card transactions 
per month for 175,000 merchants.
Robert Baldwin, Heartland's president and CFO, said in a USA TODAY interview 
that the intruders had access to Heartland's system for "longer than weeks" 
in late 2008. The number of victims is unknown. "We just don't have the 
information right now," Baldwin said.

Tech security experts said the breach could set a record. Retail giant TJX 
lost 94 million customer records to hackers in 2007. With more than 100 
million transactions per month, they could discover that several months' 
worth of transactions were captured, says Michael Maloof, chief technology 
officer at TriGeo Network Security.

Heartland processes card payments for restaurants, retailers and other 
merchants. It discovered the hack last week after Visa and MasterCard 
notified it of suspicious transactions stemming from accounts linked to its 
systems. Investigators then found the data-stealing program planted by the 
thieves.

"Our discussions with the Secret Service and Department of Justice give us a 
pretty good indication that this is part of a group that appears to have 
done security breaches at other financial institutions," said Baldwin. "This 
is a very sophisticated attack." Once it sorts out the matter, Heartland 
plans to notify each victim whose data were stolen to comply with data-loss 
disclosure laws in more than 30 states, Baldwin said.

"Cleaning up the mess could be potentially much more expensive than any 
fines or penalties," says Michael Argast, senior analyst at security firm 
Sophos.

Heartland's disclosure coincides with reports of heightened criminal 
activities involving stolen payment card numbers. Security firm CardCops has 
been tracking a 20% year-over-year increase in Internet chat room activity 
where hackers test batches of payment card numbers to make sure that they're 
active. "The numbers could have come from a processor, like Heartland, or 
some other source that has access to a lot of customer data but is not a 
retailer," says Dan Clements, CardCops president.

Also, Forcht Bank in Kentucky last week began issuing replacement debit 
cards to 8,500 patrons, due to reports of fraudulent card activity. "There 
are several other banks affected, and this is not isolated to Forcht Bank 
customers," the bank said in a Jan. 12 statement to customers.







      Find this article at:
      
http://www.usatoday.com/money/perfi/credit/2009-01-20-heartland-credit-card-security-breach_N.htm

Other related posts:

• » [infoshare] Hackers breach Heartland Payment credit card system - USATODAY.com - Luis Guerra

1. Home
2. infoshare
3. Archive
4. 01-2009

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---