RSS Alerts

Share

More services

Related Stories

  • Data Breach Spring
    Infosecurity’s Drew Amorosi examines three data breach incidents from the past few months that, by their nature, keep security vendors in business, regulators busy, and CISOs up at night. Find out why industry observers think this rash of massive breaches could lead to a ‘PCI for consumer privacy’
  • DLP technology unplugged
    Data loss prevention (DLP) technology has become something of a buzzword amongst security analysts, but where has it come from, where does it sit in the market as a whole and what does the future hold? Davey Winder investigates
  • Data lost, not found: Why data loss is still prevalent in many organisations
    Eighteen months on from the HMRC data loss scandal - where contractors lost the details of 25 million Britons - Stephen Pritchard investigates why there is little evidence that the rate of privacy breaches is falling
  • US standards drive Canadian information security
    An absence of legislation and the presence of the laissez-faire attitude has resulted in Canada being rather lax when it comes to information security compliance. Robin Arnfield looks at how US standards are driving the Canadian information security marketplace
  • US standards drive Canadian information security
    An absence of legislation and the presence of the laissez-faire attitude has resulted in Canada being rather lax when it comes to information security compliance. Robin Arnfield looks at how US standards are driving the Canadian information security marketplace

Top 5 Stories

News

Heartland Discovers Card Heist

26 January 2009

Payment processing company Heartland Payment Systems was red-faced last week after the disclosure of a data breach that took place in 2008.

 

Both Visa and MasterCard alerted the company of suspicious activity concerning processed card transactions, said Heartland. After putting a team of forensic auditors on the case, it found malicious software that had been inserted into its network to sniff data.

The company said that no merchant data had been compromised, and that no cardholder social security numbers, addresses or telephone numbers were involved in the breach. There were no unencrypted personal identification numbers lost either, it said. That still leaves credit card numbers, and customer names as potentially exposed, but the company has given out no further information. It is not yet known how many card numbers processed by the company's 250 000 merchant clients may have been affected. However, reports of suspicious credit card activity already appearing in the press last week.

"We understand that this incident may be the result of a widespread global cyber fraud operation, and we are cooperating closely with the United States Secret Service and Department of Justice," the company said in a statement on a website set up to inform customers about the breach.

This article is featured in:
Business Continuity and Disaster Recovery  • Compliance and Policy  • Data Loss  • IT Forensics

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012