With potentially over 100 million cards being compromised, a data breach incident in the US could be the largest ever recorded.The New Jersey-based Heartland Payment Systems, a provider of credit and debit card processing services, said unknown intruders had broken into its systems sometime last year and planted malicious software to steal card data carried on the company's networks. It claimed to have discovered the intrusion only last week after being alerted by Visa and MasterCard of suspicious activity.Robert Baldwin Jr., Heartland's president and CFO, said that alerts by the credit card companies triggered an investigation by forensic investigators, and during this the intrusion was discovered.Baldwin said: “Our discussions with the Secret Service and Department of Justice give us a pretty good indication that this is part of a group that appears to have done security breaches at other financial institutions. This is a very sophisticated attack."Heartland claimed that no merchant data, cardholder's social security numbers, unencrypted PIN, addresses or telephone numbers were compromised. Once it sorts out the matter, Heartland plans to notify each victim whose data was stolen to comply with data-loss disclosure laws in more than 30 states. The company refused to comment on how many customers could have been impacted, but as Heartland processes more than 100 million card transactions per month; it could be possible that the number of compromised credit and debit cards is at least that many.See original article on scmagazineuk.com
Copyright © SC Magazine, US edition
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @itnews.com.au to your white-listed senders.