The largest credit card data breach ever?
Malicious software in the network of US payment processor Heartland leads to data on 100 million transactions being compromised.
US-based payments processor Heartland Payment Systems was the victim of a massive security breach, which could have exposed customer information associated with the 100 million transactions it handles each month.
Heartland found evidence of the intrusion last week, and notified law enforcement officials as well as the card brands involved. It said that the incident could have been the result of a widespread global fraud operation.
The only data compromised was names, card numbers and expiration dates as well as the information on the card's magnetic strip which could be used to duplicate cards.
Heartland was alerted by Visa and MasterCard of suspicious activity surrounding processed card transactions. An investigation uncovered malicious software compromising data across Heartland's network.
Richard Wang, of SophosLabs US, said that it appeared the information stolen was enough to create fake cards.
He said on his company's blog: "Although addresses were not compromised by this breach, making card not present' fraud more difficult, this provides one more piece in the puzzle for anyone trying to assemble stolen identities."
"A name and card number from one breach could be used along with name and address from another source to build a more complete identity."
For anyone affected by the breach, more information is available on a specially-created website run by Heartland.
Navigating the new normal: A fast guide to remote working
A smooth transition will support operations for years to comeDownload now
Leading the data race
The trends driving the future of data scienceDownload now
How to create 1:1 customer experiences at scale
Meet the technology capable of delivering the personalisation your customers craveDownload now
How to achieve daily SAP releases
Accelerate the pace of SAP change to support your digital strategyDownload now