RSS Alerts
Click here...

Related Stories

  • US standards drive Canadian information security
    An absence of legislation and the presence of the laissez-faire attitude has resulted in Canada being rather lax when it comes to information security compliance. Robin Arnfield looks at how US standards are driving the Canadian information security marketplace
  • Outsourcing information security could be a risky business
    Over the past two decades, outsourcing and offshoring have become central to the business strategy of many organizations. The ongoing race to cut costs has resulted in mass migrations of whole industry sectors from low-cost regions to lower- cost ones, benefitting one and often distressing another - and the information security industry is no exception. Krag Brotby reports.
  • Weekly brief, January 25, 2010
    Infosecurity rounds up the week's news
  • Heartland takes US$12.6m hit for breach
    Heartland Payment Systems has revealed that it lost US$12.6m as a result of its 2008 data breach, in the same week that it finally regained official Payment Card Industry Data Security standard (PCI DSS) compliance.
  • Westin is latest hotel to be hit by hackers
    In further proof that the hospitality industry is becoming a prime target for hackers, The Westin Bonaventure Hotel and Suites has admitted a likely data security breach.

News

Heartland Discovers Card Heist

26 January 2009

Payment processing company Heartland Payment Systems was red-faced last week after the disclosure of a data breach that took place in 2008.

 

Both Visa and MasterCard alerted the company of suspicious activity concerning processed card transactions, said Heartland. After putting a team of forensic auditors on the case, it found malicious software that had been inserted into its network to sniff data.

The company said that no merchant data had been compromised, and that no cardholder social security numbers, addresses or telephone numbers were involved in the breach. There were no unencrypted personal identification numbers lost either, it said. That still leaves credit card numbers, and customer names as potentially exposed, but the company has given out no further information. It is not yet known how many card numbers processed by the company's 250 000 merchant clients may have been affected. However, reports of suspicious credit card activity already appearing in the press last week.

"We understand that this incident may be the result of a widespread global cyber fraud operation, and we are cooperating closely with the United States Secret Service and Department of Justice," the company said in a statement on a website set up to inform customers about the breach.

 

This article is featured in:
Business Continuity and Disaster Recovery Compliance and Policy Data Loss IT Forensics

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Copyright © 2010
Elsevier Ltd. All rights reserved.
Terms & Conditions | Privacy | Website Design Working with water