Home Forums Articles How To's FAQ Register
Go Back   Xoutpost.com > Off-topic > The Lounge
Fluid Motor Union
User Name
Password
Member List Premier Membership Today's Posts New Posts

Xoutpost server transfer and maintenance is occurring....
Xoutpost is currently undergoing a planned server migration.... stay tuned for new developments.... sincerely, the management


Reply
 
LinkBack Thread Tools Display Modes
  #1  
Old 01-21-2009, 02:03 PM
X5rolls's Avatar
Member
 
Join Date: Sep 2008
Location: Maryland
Posts: 1,689
X5rolls is on a distinguished road
Credit Card Processor Says Some Data Was Stolen

You might want to know about this latest data breach. Customers of Visa, MasterCard, American Express and Discover Financial were all vulnerable.

Heartland Payment Systems, a major payment processing company, disclosed a data breach on Monday that potentially exposed tens of millions of credit and debit cardholders to the risk of fraud in what could quickly become one of the country’s biggest data compromises.

http://www.nytimes.com/2009/01/21/te...1&ref=business

Credit Card Processor Says Some Data Was Stolen

By ERIC DASH and BRAD STONE
Published: January 20, 2009

Heartland Payment Systems, a major payment processing company, disclosed a data breach on Monday that potentially exposed tens of millions of credit and debit cardholders to the risk of fraud in what could quickly become one of the country’s biggest data compromises.
Robert H. B. Baldwin Jr., Heartland’s president and chief financial officer, said that his company believed the card numbers, expiration dates, and in some cases cardholder names were exposed after attacks on its computer systems at the one point where data had been unencrypted.
Once consumers swiped their cards, so-called sniffer software captured that data as Heartland sought authorization from the major payment companies and banks. Customers of Visa, MasterCard, American Express and Discover Financial were all vulnerable.

“We have industry-leading encryption, but the data has to be unencrypted to request the information,” Mr. Baldwin said. “The sniffer was able to grab that authorization data at that point.”
Data thieves introduced the software as early as May, but Heartland did not detect the breach until it was alerted to the activity in late fall. The personal data of 600 million or more cardholders was vulnerable, but data security experts suggested data from far fewer accounts had been extracted. Other confidential information, like personal security codes, is not believed to have been compromised. That might limit damages.
Even so, the Heartland breach could wind up rivaling some of the largest data thefts. In January 2007, the discount retail chain TJX revealed that data on more than 45 million customers had been compromised. And 40 million cardholder accounts were exposed in the 2005 data compromise at a tiny payment processor, CardSystem Solutions.

Avivah Litan, a data security analyst, said that the Heartland breach could result in hundreds of millions in losses and other expenses. “If you add it all up, including legal costs, it could be as much as half a billion dollars in losses — or twice as big as TJX,” she said.
Mr. Baldwin said that Secret Service officials investigating the breach suggested that the thieves involved in the attack might be part of an “international ring of hackers that are introducing breaches at a number of financial institutions.”

The Heartland breach also showed that in spite of the adoption of more stringent standards and tougher oversight by banks and credit card companies, consumers are still vulnerable. All this is happening after credit card companies and merchants spent over $2 billion on establishing the Payment Card Industry standards, Ms. Litan said. “And yet the breaches continue and they get more serious.”

Heartland, based in Princeton, N.J., works with about 175,000 small merchants and processes about 100 million transactions a month. It has created a Web site, 2008breach.com, to provide information about the incident. Cardholders are not responsible for unauthorized fraudulent charges.
Reply With Quote

Sponsored Links

Reply

Bookmarks


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On





All times are GMT -4. The time now is 12:37 PM.
vBulletin, Copyright 2026, Jelsoft Enterprises Ltd. SEO by vBSEO 3.6.0
© 2017 Xoutpost.com. All rights reserved. Xoutpost.com is a private enthusiast site not associated with BMW AG.
The BMW name, marks, M stripe logo, and Roundel logo as well as X3, X5 and X6 designations used in the pages of this Web Site are the property of BMW AG.
This web site is not sponsored or affiliated in any way with BMW AG or any of its subsidiaries.