Ads by TechWords

See your link here
Receive the latest technology news and information.
Security
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
Cloud Computing
View all newsletters




Privacy Policy
 

Banks, credit unions scramble in wake of Heartland breach

Several have begun reporting fraud associated with exposed cards

January 27, 2009 12:00 PM ET

Computerworld - In the first real indication of the scope of the recently disclosed data breach at Heartland Payment Systems Inc., banks and credit unions from Washington to Maine have begun to reissue thousands of credit and debit cards over the past few days.

Several have also begun disclosing fraud associated with payment cards that were reported to them by Visa and MasterCard as having been exposed in the breach.

A Pennsylvania law firm today filed the first class-action lawsuit related to the breach. Chimicles & Tikellis LLP in Haverford, Pa., filed the lawsuit on behalf of Alicia Cooper, a resident of Woodbury, Minn., and others who might have been affected by the breach.

The complaint, filed in the U.S. District Court for the District of New Jersey in Trenton, alleges that Cooper, whose card was compromised in the breach, and others, were victims of Heartland's negligence in protecting cardholder data. The lawsuit, which calls for a jury trial, charged Heartland with breach of contract, breach of implied contract and breach of fiduciary contract for the breach.

The compromise has pushed the Washington Credit Union League (WCUL) in Federal Way, Wash., to revive legislation that would mandate specific data protection controls on all merchants and third parties, such as Heartland, that process payment card data. The bill (HB 1149) received its first hearing last Thursday in the Washington State House Committee on Financial Institutions and Insurance, according to a statement released by the WCUL.

Heartland, a Princeton, N.J.-based processor of payment card transactions, disclosed last Tuesday that its systems had been broken into by unknown intruders sometime last year. The company claimed that the intrusion -- which some are calling the biggest ever -- was discovered only earlier this month. Visa and MasterCard alerted Heartland of suspicious transaction activity, triggering Heartland to conduct its own forensic investigation, during which the intrusion was discovered.

The company said that intruders planted sophisticated sniffer software in its network and stolen data as cards were being processed.

Heartland has not yet released any information on the number of cards exposed in the intrusion. But the fact that the company processes more than 100 million transactions per month for over 250,000 customers has sparked speculation that the breach might be even bigger than the one disclosed by The TJX Companies Inc. in which more than 45 million payment cards were compromised.

Since its disclosure, a growing number of financial institutions across the country have begun notifying their customers of their cards being potentially compromised as a result of the breach. In most cases, the compromises result in the cards being blocked and recalled by the financial institutions. A small sample of those making such announcements included the following:



Jump to comments

Heartland Payment Systems

Additional Resources

WHITE PAPER
Approximately 60 percent of data migration projects overrun time or budget, while some fail completely. Download this white paper, "Enhancing Your Chance for Successful Data Migration," to learn the critical steps you need to take to execute a data migration project with minimum cost and risk to your business.
WHITE PAPER
Read the Gartner research note to learn why the TCO of a server-based computing deployment used to deliver all applications to users is around 50% lower than that of an unmanaged desktop deployment.
WHITE PAPER
Economic downturns have a tendency to accelerate emerging technologies, boost the adoption of effective solutions, and punish solutions that are not cost competitive or that are out of synch with industry trends. This IDC White Paper presents the results of an IDC survey of 330 companies in Western Europe, Asia/Pacific and the Americas that measures the receptiveness to Linux and takes into consideration changing views driven by the disruptive economic environment that businesses face today.

What People Are Saying