Heartland takes US$12.6m hit for breach

08 May 2009

Heartland Payment Systems has revealed that it lost US$12.6m as a result of its 2008 data breach, in the same week that it finally regained official Payment Card Industry Data Security Standard (PCI DSS) compliance.

The credit card payment processor, which reported a massive breach of its internal systems in January, said that the US$12.6m was the result of legal action, fines by credit card companies, and administrative costs associated with the breach. 

"The majority of these expenses relate to a fine imposed by MasterCard due to our allegedly not taking appropriate action subsequent to learning of the possibility of the breach," said Heartland chief executive Robert Carr. "We believe we took immediate and extraordinary actions to address the intrusion and cooperate with the card brands' investigation of the intrusion, and that we responded appropriately to concerns that were raised leading up to the discovery of the intrusion," he added.

Heartland Payment Systems has also been subject to a mounting number of lawsuits from banks who had been affected by the breach of their customers' credit card data.

The company finally regained its position on Visa's list of PCI DSS validated service providers on Monday, after being removed from the list in the wake of the breach.

Heartland's systems were compromised after hackers placed sniffer malware on its systems and were able to pilfer credit card details from the company's network. The full extent of the breach is still not known.
