Skip the navigation
)
News

Heartland data breach could be bigger than TJX's

This recent incident suggests cybercrooks have shifted to targeting payment processors

January 20, 2009 12:00 PM ET

Computerworld - A data breach disclosed today by Heartland Payment Systems Inc. may well displace TJX Companies Inc.'s January 2007 breach in the record books as the largest ever involving payment data with potentially over 100 million cards being compromised.

Heartland, a Princeton, N.J.-based provider of credit and debit card processing services, said that unknown intruders had broken into its systems sometime last year and planted malicious software to steal card data carried on the company's networks.

Visa and MasterCard alerted Heartland of suspicious activity, triggering the company to hold an investigation by "several forensic investigators," during which the intrusion was discovered, Robert Baldwin Jr., Heartland's president and chief financial officer, said in a statement. The company said the intrusion may have been the result of a "widespread global cyberfraud operation."

Heartland claimed that no merchant data, cardholders' Social Security numbers, or unencrypted personal identification numbers (PIN), addresses or telephone numbers were compromised.

As with most data breach notifications, Heartland didn't say when the card companies informed it of the breach, when the breach took place in 2008, how long the intruders had remained undetected or how many cards might have been compromised in the intrusion. A company spokeswoman did not immediately respond to requests for comment.

But given that Heartland processes more than 100 million card transactions per month, it is very possible that the number of compromised credit and debit cards is at least that much, if not more, said Avivah Litan, an analyst at Gartner Inc. "It does look like the biggest ever," Litan said. The TJX breach involved the compromise of over 45 million cards.

It also appears that those behind the breach "made off with the gold" by intercepting and stealing the so-called Track 2 data from the magnetic stripe on the back of cards, which is all that's needed to create counterfeit cards, Litan said.

Dan Clements, president of CardCops, an identity protection service of Affinion Group Inc., said that he has noticed activity in underground chat rooms that suggested a major compromise at a processor such as Heartland.

Typically when a card is stolen, crooks first check to see if the cards are still active by using it for some transaction -- often a very small donation to a charitable organization -- to see if it works. This sort of validity check has increased by nearly 20% over the past few months, suggesting a major compromise. But it's not clear yet if it is related to the Heartland breach, Clements said.

The Heartland compromise is the second involving a large payment processor over the past few weeks. On Dec. 23, RBS WorldPay Inc., the payment processing division of The Royal Bank of Scotland Group, announced that its systems had been breached by unknown intruders, resulting in the compromise of personal information belonging to about 1.5 million card holders. The compromised information included the Social Security numbers of 1.1 million individuals using payroll cards, the company said.

The incidents suggest that cybercrooks are increasingly beginning to target payment processors, Litan said. "Attacking a processor is much more serious than attacking a retailer. A processor sits at the nerve center of the payment process," and processes far more payment card data than any retailer, she said.

"More radical security moves" need to be taken by payments industry as a whole to address the problem, she added. Such incidents show that the security requirements of the Payment Card Industry Data Security Standard being pushed by the major card companies is clearly not enough, Litan added.

Read more about Cybercrime and Hacking in Computerworld's Cybercrime and Hacking Topic Center.



What is Tech Briefcase?
TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more
Bookmark content
Speed up your research efforts with content across the web.
Search and Store
Find the white papers you need. Create folders for any topic.
View Anywhere
Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.
Don't have an account yet?
Additional Resources
Security KnowledgeVault
WHITE PAPER
Security is not an option. This KnowledgeVault Series offers professional advice how to be proactive in the fight against cybercrimes and multi-layered security threats; how to adopt a holistic approach to protecting and managing data; and how to hire a qualified security assessor. Make security your Number 1 priority.

Read now.

Cut Communications Costs Once and for All
WHITE PAPER
New IP-based communications systems are being deployed by small and midsized businesses at a rapid rate. Learn how these organizations are enabling faster responsiveness, creating better customer experiences, speeding office or mobile interactions, and dramatically reducing existing communications costs.

Read now.

Cybercrime and Hacking White Papers
Practice Management: Double Billing Rate and Improve Patient Services
Would you like to double your billing rate and achieve faster payment for services?

Download this customer success story to see how One Health...
Mission Critical Data Explosion and Customer Case Study
Would you like to double your tier 1 storage capacity while simultaneously reducing your storage footprint?

Download this customer success story to see how...
Protecting Against Database Attacks and Insider Threats: Top 5 Scenarios
Read this new eBook to learn the top five scenarios and essential best practices for preventing database attacks and insider threats.
Database Activity Monitoring Is Evolving
Read the analyst report and learn how you can leverage the core capabilities of a DAP solution for better database security.
Establishing a Strategy for Database Security is No Longer Optional
The options for securing increasingly valuable databases are very broad and deep, and can be confusing. This research provides an overview of three...
All Cybercrime and Hacking White Papers
Cybercrime and Hacking Webcasts
Distributed Database Security with Real-time Monitoring
View this demo and learn how IBM InfoSphere Guardium database activity monitoring can help protect your sensitive data in distributed DBMS environments with...
InfoSphere Warehouse Packs Demo
These flash modules make warehousing more tangible and relevant to business users through detailed explanations of the InfoSphere Warehouse Packs.
Delivery Management -- Extending Lifecycle Management
Date: Wednesday, June 20, 2012, 1:00 PM EDT

Siloed organizations continue doing the wrong things and doing things wrong, leading to increased costs,...
Leverage automation today to reduce IT complexity
Date: Tuesday, June 5, 2012, 2:00 PM EDT

Whether your B2B complexity is caused by multiple technologies due to M&A, business or application specific...
Redefine Expectations in the Data Center
Need to do more with less? Watch this video to learn how HP ProLiant Gen8 servers can help your business deploy servers three...
All Cybercrime and Hacking Webcasts
Newsletter Sign-Up

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter
  1. View all newsletters | Privacy Policy
IT Jobs