(image found off iit users website)Heartland Payment Systems credit card processor company's systems were hacked. It seems that last week they found evidence that pointed to their systems being compromised and intrusions by unauthorized guests. They notified the federal law enforcements about the breach immediately and also the major credit card vendors too. In a written statement the company told cardholders that they will not be responsible for unauthorized charges made on their credit cards.
"The company said it immediately took a number of steps to secure its systems. It also created a website -- www.2008breach.com -- to provide information about the incident.
if you are interested in the intrusion details here is what has been reported:
"Baldwin told the New York Times that key information, such as card numbers, expiration dates, and cardholder names may have been exposed after malware intrusion attacks on its processing systems, where data had been left unencrypted. Sniffer software was used to capture data that was exposed as Heartland sought authorization from the major payment companies and banks, Baldwin told the Times. Users of Visa, MasterCard, American Express and Discover Financial cards were vulnerable. "We have industry-leading encryption, but the data has to be unencrypted to request the information," Baldwin said. "The sniffer was able to grab that authorization data at that point." The personal data of 600 million or more cardholders was left vulnerable, but data had apparently been extracted from far fewer accounts."
It appears that Heartland has now jumped on the wagon to fix the damage that has been done by going out and notifying their customers of the Violation.
Credit card processor Heartland says system was breached (Reuters UK)
Payment Processor Heartland Reveals Massive Data Breach (CRN)
Hackers breach Heartland Payment credit card system (USA Today)
Heartland has No Heart for Violated Customers (PC World.com)
No comments:
Post a Comment