Data Breach Could Be Largest Ever
- 6
- Add a Comment
Now this is strange. A company that processes data information for credit card transactions, just reported the breach that allegedly happened last year. What is strange about this incident is that the company,Heartland Payment Systems waited so long to report the breach of security. The company than chose inauguration day to go public with the details. The company handles some 250,000 businesses but refused to identify any of their names.
According to the article at the Wall Street Journal it also stated that:
Heartland called U.S. Secret Service and hired two breach forensics teams to investigate. But Baldwin said it wasn’t until last week that investigators uncovered the source of the breach: A piece of malicious software planted on the company’s payment processing network that recorded payment card data as it was being sent for processing to Heartland by thousands of the company’s retail clients.
Baldwin said Heartland does not know how long the malicious software was in place, how it got there or how many accounts may have been compromised. The stolen data includes names, credit and debit card numbers and expiration dates.
It doesn’t appear that this company knows to much about anything. Maybe they should be a prime candidate for an investigation to find out why they know so little. 
The company also has no plans to monitor any credit card transactions that may have been illegal nor to provide any protection to the victims.
Do you think that these people should get any bailout money?
Comments welcome.
6 Comments
GOOSE
January 20th, 2009
at 6:30pm
Geez…..sounds like the Democrats to me…………But it’s OK just an oversight….bump in the road…..
leftystrat
January 20th, 2009
at 9:06pm
Let me take a guess…..
There are no federal regulations mandating reporting of data breaches. Am I correct?
Since there are no regulations, there is no disclosure. If there is one thing you can count on (besides taxes), it’s greed.
Just wait til electronic health records take hold. Data breaches galore with no accountability.
anonymous
January 20th, 2009
at 9:34pm
I WORK AT HEARTLAND PAYMENT SYSTEMS. I’ve been reading some comments from people on other sites and blogs who simply have no clue on the real story. People bashing Heartland, saying Heartland is a bunch of irresponsible idiots. Well I say it’s irresponsible to speculate and it’s irresponsible to make false accusations.
Heartland is the best company anyone could work for and the company’s integrity is unmatched in the Payments industry. Heartland plays by the rules, by the book - Heartland was in FULL COMPLIANCE with PCI-DSS (if people actually did research to get a clue, they’d know what PCI-DSS is). Heartland is listed and fully validated and registered with Visa as a compliant Service Provider. Heartland, an adolescent company, did not grow into the 5 spot of top U.S. payments processors based on processing volume by being irresponsible idiots. Please check out http://www.MerchantBillOfRights.com for a clue there. Heartland’s officers are not liars, and they certainly did not decide to make this announcement today as some alleged attempt to bury the situation into the inauguration news. No, in fact, Heartland recognized that this essentially would be a BUSY news day with MUCH exposure, and figured the timing would match our business model of full disclosure and transparency. Again, please see MerchantBillOfRights.com for a clue there. Heartland is the one and only true advocate for Main Street Merchant, your corner grocery, your favorite local eatery, your drug store where you buy your medications, and so forth. Everyone at my company is crushed by this event, because it is exactly opposite of everything we stand for. Some would say, “Well, then you should have been more aware.” And to that I say ANY processor or service provider can be breached by the same sophisticated operation that victimized Heartland. These criminals are professionals, and they will stop at nothing to get what they want.
None of this is a joke - I’ve worked for Heartland for several years now. I know the real story. Heartland did not deserve this, and we will overcome this. And so for those of you on the outside looking in, I’d ask that you do a little more digging and try to stay objective.
Ron Schenone
January 21st, 2009
at 5:40am
Thanks for the comments everyone.
Goose,
Say what? It is an AMERICAN problem which we all need to work together to solve. The election is over my friend.
Lefytstrat,
I am not sure exactly what the requirements, if any, are. One would think that there should be some requirement to report these types of breaches in a timely manner.
anonymous,
What we expect from any company that is responsible for handling consumer and merchant transactions, is a secure system. It would appear that Heartland should of been spending more money on protection and less on excuses.
The crooks are professionals? What does that say about the security implementation provided by Heartland? Are you employing non-professionals?
Thanks for stopping by and sharing your opinion.
GOOSE
January 21st, 2009
at 10:45am
Geez Mr. Blade take it easy….take it easy. I didn’t realize the election was over my friend. (sounds like McCain doesn’t it). I guess my point is now that Obama is president I will support him. BUT, we still have the majority of the same idiots in congress (no pun intended). It won’t take long until they bring the new president down to their level. I know most people just want to move forward with change but until we start holding the idiots accountable for their actions then we are just in for another round of the same…..
Ron Schenone
January 21st, 2009
at 1:03pm
Hello Goose,
We are on the same page. I agree 100%. They are idiots and Obama is in for a fight. But I am hopeful that the American people we see who the idiots are and vote them out at the next election.