Company's breach may be largest ever

Jan. 20, 2009 at 5:25 PM
share with facebook
share with twitter

PRINCETON, N.J., Jan. 20 (UPI) -- A breach at Heartland Payment Systems may have led to the theft of more than 100 million credit and debit card accounts, the U.S. company says.

The Washington Post reported Tuesday that if the estimate is correct, the incident last year would be one of the largest data breaches ever reported.

The Princeton, N.J., company, which processes payments for more than 250,000 businesses, began receiving fraudulent activity reports late last year from MasterCard and Visa on cards that had all been used at merchants that use their service, said Robert Baldwin, Heartland's president and chief financial officer.

While declining to disclose what well-known establishments were affected, he said 40 percent of transactions the company processes are from small to midsized restaurants.

"No merchant of ours represents even (0.1 percent) of our volume, and to put out any name associated with what is obviously an unfortunate incident is not fair," he was quoted as saying.

Baldwin said Heartland called the U.S. Secret Service and hired two breach forensics teams to investigate the breach.

Last week, investigators determined that a piece of malicious data recording software planted on the company's payment processing network was to blame.

Related UPI Stories
Trending Stories