Payment Processor Breach May Be Largest Ever

2009-01-21 06:29

http://voices.washingtonpost.com/securityfix/2009/01/payment_processor_breach_may_b.html By Brian Krebs Security Fix Washington Post January 20, 2009 A data breach last year at Princeton, N.J., payment processor Heartland Payment Systems may have compromised tens of millions credit and debit card transactions, the company said today. If accurate, such figures may make the Heartland incident one of the largest data breaches ever reported. Robert Baldwin, Heartland's president and chief financial officer, said the company, which processes payments for more than 250,000 businesses, began receiving fraudulent activity reports late last year from MasterCard and Visa on cards that had all been used at merchants which rely on Heartland to process payments. Baldwin said 40 percent of transactions the company processes are from small to mid-sized restaurants across the country. He declined to name any well-known establishments or retail clients that may have been affected by the breach. Baldwin said it would be unfair to mention any one of his company's customers. "No merchant of ours represents even [one-tenth of one percent] of our volume, and to put out any name associated with what is obviously an unfortunate incident is not fair," he said. "Their customers might end up having their cards used fraudulently, but that fraud might turn out to have come from their store, or it might be from another Heartland store and no one will ever really know." [...] _______________________________________________ Please help InfoSecNews.org with a donation! http://www.infosecnews.org/donate.html

News URL

http://voices.washingtonpost.com/securityfix/2009/01/payment_processor_breach_may_b.html

#breach #payment