Communications > Security

US credit card processor exposes masses of data

Tens of millions at risk

By Nick Farrell

Wednesday, 21 January 2009, 10:52

A MAJOR US credit card processing outfit has admitted that the personal data of tens of millions of its clients has been nicked in what could be one of the biggest hacks in US history.

Heartland Payment System said that card numbers, expiration dates, and in some cases cardholder names were exposed in hacker attacks on its systems. Apparently the data was unencrypted.

The hackers used sniffer software to capture authorisation data as Heartland asked for approval from major payment companies and banks. Victims were believed to be holders of Visa, Mastercard, American Express and Discover Financial cards.

While the company said it had "industry-leading encryption", the data has to be unencrypted to request the information. At that point the sniffer was able to grab that authorisation data.

Hackers managed to install the software in May. Heartland did not spot it until the autumn. During that time it processed nearly 600 million transactions that would have been watched by the hackers.

Personal security codes were not revealed by the hack and that might limit what the hackers could do with the data. µ

Trojan writers use Google Groups Doing evil by the back door Monday, 14 September 2009, 13:18 PM Read more	Spotify is hacked Personal data swiped Thursday, 5 March 2009, 12:27 PM Read more
British hackers pose as North Koreans Glorious revolution spreads to Blighty Tuesday, 14 July 2009, 10:15 AM Read more	Hackers release new attack code for Windows Beware the claws that rend Tuesday, 29 September 2009, 10:34 AM Read more
EyeTV for Iphone Testing TV to go Friday, 16 October 2009, 15:08 PM Read more	Facebook [not] hacked for $100 Russian businessmen Friday, 18 September 2009, 14:25 PM Read more

< Previous article| Next article >

Comments

Let's hope Datacash/Commidea and the other PSP's that we commonly use in the UK aren't so careless.

posted by : Richard, 21 January 2009 Complain about this comment

For more information...

http://www.2008breach.com/

posted by : Anon, 21 January 2009 Complain about this comment

Yay ! More progress in the disclosure market

So the new record of personal data exposure is in "tens of millions". Way to go, Heartland !
Heck, I might even find myself in that list, who knows ?
More interesting : if I am in the list, are they going to bother contacting me ?
Even few months we have an alert concerning exposure of enormous magnitude, what happens after ? Could we have a follow-up on the last five big data losses and what has changed, who was fined and how much ?
Because crying "wolf" is nice, but if nothing happens after, what's the use ?

posted by : Pascal Monett, 22 January 2009 Complain about this comment

Most read
Most commented
Most popular

INQ Whitepapers

How is windows 7 working out for you?

I've installed it and I love it

I've installed it, but I don't see what all the fuss is about

It's crap and I'm reverting/changing OS

I'm not using Windows 7 yet

I'm not using Windows 7 and have no plans to do so

View other polls

©Incisive Media Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, is a company registered in the United Kingdom with company registration number 04038503

SEARCH :

Site Credentials:

Business & Technology websites:

Business research resources:

Products:

Investment Market IT websites:

Find out what you are worth:

Search for a job:

Recruitment Agency A-Z Directory: All
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

US credit card processor exposes masses of data

Share this:

Business Intelligence Software

Customer Relationship Management (CRM)

Enterprise Accounting Software

Enterprise Resource Planning (ERP)

Enterprise Systems Management

Senior UNIX System Adminis

Providing Unix 2nd level su...

Read more

Environmental Change Advoc

I am looking for TOP ATHELE...

Read more

Business Analyst - Structu

Global Investment Bank are ...

Read more

FX Emerging Markets Quant

FX Emerging Markets Quant D...

Read more

Segment Manager IT Lessors

SG Equipment Finance is cur...

Read more