On mySimon: Prince Rocking Horse
BNET Business Network:
BNET
TechRepublic
ZDNet

January 20th, 2009

It's a good day to disclose the largest credit card data breach ever

Posted by Adam O'Donnell @ 11:00 am

Categories: Data theft, Malware, Privacy

Tags: Payment Processing, Credit Card, Heartland, Sales Channel, Financial Services, Sales, Adam O'Donnell

While the majority of American media is glued to the quadrennial spectacle that is the Presidential inauguration, Heartland Payment Systems has uncovered a piece of malware hidden in their payment processing system. This has apparently lead to what may be the largest data breach ever.

Hearland Payment Systems, a credit card payment processor, apparently chose the completely innocuous day of January 20th, 2009 to inform the world that a data breach occured, and that it did not affect any “merchant data or cardholder Social Security numbers, unencrypted PINs, addresses or telephone numbers”. What possibly was affected, however, was every credit card number that traversed their payment processing system.

Anyone who used a Visa or Mastercard at one of a quarter of a million businesses may have been affected. For the small number of you who fall into this category, I recommend going through your old credit card statements just in case you were one of the victims. In all honesty, the probability of any one person being victimized by this is pretty slim, but vigilance is never a bad thing.

Heartland has apologized for the incident, and has put up a website at 2008breach.com to communicate with the public about the issue.

Adam O'DonnellAdam J. O'Donnell, Ph.D. is an R&D engineer who has focused on computer security since 2000. He currently is the Director of Emerging Technologies at Cloudmark, a messaging security company located in San Francisco. See his full profile and disclosure of his industry affiliations.

Email Adam O'Donnell

Subscribe to Zero Day via Email alerts or RSS.

  • Talkback
  • Most Recent of 19 Talkback(s)
Not necessarily...
we can't be so quick to point to an O/S. I'm betting a human had a hand in this, either intentionally or not. Remember the major online bill provider that got hacked last month? that wasn't because ... (Read the rest)
Posted by: shaddup Posted on: 01/24/09 You are currently: a Guest | | Terms of Use
"Today I say to you that the challenges we face are real.."  ksingletary | 01/20/09
RE: It's a good day to disclose the largest credit card data breach ever  tburzio | 01/20/09
When the operating system isn't mentioned.  kozmcrae | 01/20/09
i guess it easy  dave@... | 01/20/09
Right...  Metronome49 | 01/21/09
Since ppl will post their guesses  Boot_Agnostic | 01/20/09
For the small number of you...  recurvebowyer | 01/20/09
RE: It's a good day to disclose the largest credit card data breach ever  carthaginian1 | 01/21/09
RE: It's a good day to disclose the largest credit card data breach ever  carthaginian1 | 01/21/09
Keylogging S/W was discoverd  Alan Smithie | 01/21/09
Not necessarily...  shaddup | 01/24/09
Trust "Cloud" computing? Not a chance.  No_Ax_to_Grind | 01/21/09
Perhaps, and this is just maybe..  User07734 | 01/21/09
The 250K 'businesses' is incorrect. Please get your facts straight.  asad.quraishi@... | 01/21/09
Victims  Illudium Q-36 Explosive Space Modulator | 01/21/09
gee... I often wonder  BlueBerry Pick'n | 01/21/09
How often do we have go through this?  duclod | 01/21/09
RE: It's a good day to disclose the largest credit card data breach ever  johnfranks999 | 01/22/09
RE: It's a good day to disclose the largest credit card data breach ever  Sandra_Jean | 01/23/09

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Essential Topics Click Here

advertisement

Recent Entries

advertisement

Archives

Favorite Links

ZDNet Blogs

White Papers, Webcasts, and Downloads