Credit card processing company Heartland Payment Systems discloses Jan. 20 that it suffered a malware attack in 2008 that may have compromised financial data. The security discovery was made after officials from Visa and MasterCard reported suspicious activity involving processed card transactions, Heartland Payment systems says.
Payments processor Heartland Payment Systems disclosed Jan. 20 that it was
hit with a malware attack in 2009 that may have resulted in a large cache of
financial data being compromised.
The company said it launched an investigation after officials at Visa and
MasterCard reported suspicious activity surrounding processed card
transactions. In response, Heartland enlisted forensic auditors to conduct an
investigation. The week of Jan. 12, the investigation uncovered malicious
software that compromised data that crossed Heartland's network, Heartland
In a statement released Jan. 20, Heartland declared that the
breach had been contained. The company added that no merchant data or
cardholder Social Security numbers, unencrypted PINs, addresses, or telephone
numbers were involved in the breach. None of Heartland's check-management
systems were involved either, officials said.
here to read about spam linking to a malicious site imitating Barack Obama's official Web site.
"We found evidence of an intrusion last week and immediately notified
federal law enforcement officials as well as the card brands," Robert H.B.
Baldwin, Jr., Heartland's president and chief financial officer, said in the
statement. "We understand that this incident may be the result of a
widespread global cyber-fraud operation, and we are cooperating closely with
the United States Secret Service and Department of Justice."
In the wake of the incident, Heartland has announced plans to implement a
program designed to flag network anomalies in real time and help law
enforcement catch cyber-criminals. The company has also created a Web site,
information about the situation. Cardholders are not responsible for
unauthorized fraudulent charges made by third parties.
"Heartland apologizes for any inconvenience this situation has
caused," Baldwin said. "Heartland is deeply
committed to maintaining the security of cardholder data, and we will continue
doing everything reasonably possible to achieve this objective."
Heartland Payment Systems provides credit, debit,
prepaid card processing, payroll, check management and payments solutions to
more than 250,000 business locations nationwide.