News | January 21, 2009

Payment Processor Heartland Payment Systems Discloses Security Breach

Yesterday, one of the largest retail and restaurant payment processing vendors, Heartland Payment Systems, disclosed a security breach within their system. Initial investigations concluded that the intrusion occurred during the later months of 2008 and the company believes that it has been contained at this point. After Visa® and MasterCard® notified the company of suspicious transaction activities, Heartland investigated immediately and auditors discovered malicious software that compromised data processed in their network.

According to statements made by Heartland Payment Systems, "No merchant data or cardholder Social Security numbers, unencrypted personal identification numbers (PIN), addresses or telephone numbers were involved in the breach. Nor were any of Heartland's check management systems; Canadian, payroll, campus solutions or micropayments operations; Give Something Back Network; or the recently acquired Network Services and Chockstone processing platforms."

This breach of payment data could possibly be a record incident of hacking in the industry, considering that Heartland's system processes about 100 million card transactions per month with a clientele of 175,000 merchants. In response to this significant mishap Heartland has developed a web-based resource to provide support and guidance to cardholders that have potentially been affected by the breach. More information can be found at www.2008breach.com .

It is a known fact that the growing popularity of e-commerce and online shopping makes consumers increasingly susceptible to payment processing fraud, a crime that frequently leaves online retailers stuck holding the bill. According to the fraud protection experts, CardCops, "The online retailer is 100% liable for accepted transactions that later turn out to be fraudulent, even if the bank and processors approve the transaction. Five to seven online retailers typically suffer losses from a stolen credit card before it is turned off by the processing system." In lieu of these alarming facts and this most recent example of payment system hacking, retailers and their payment processing partners need to remain acutely focused on the attackers who are striving to stay one step ahead of security efforts.

SOURCE: Retail Solutions Online

This website uses cookies to ensure you get the best experience on our website. Learn more