US firm reveals possibly biggest data breach so farJanuary 21st, 2009 - 12:19 pm ICT by IANS
San Francisco, Jan 21 (DPA) Credit-card processing company Heartland has revealed what is possibly the greatest data breach in history, prompting widespread speculation that it waited until the inauguration of President Barack Obama to release the news.The company serves some 250,000 businesses and processes an estimated 100 million transactions a month. It said that it discovered the data breach after being alerted about suspicious activities by credit card companies Visa and Mastercard, and had discovered that unknown intruders had broken into its systems sometime last year and planted malicious software to steal card data carried on the company’s networks.
Heartland said Tuesday that the breach had not compromised merchant data, cardholder’s Social Security numbers or unencrypted personal identification numbers, addresses or telephone numbers. But the hackers are thought to have stolen data that would enable them to create duplicate up to 100 million credit cards.
“We found evidence of an intrusion last week and immediately notified federal law enforcement officials as well as the card brands,” said Robert Baldwin Jr, Heartland’s president and chief financial officer.
“We understand that this incident may be the result of a widespread global cyber fraud operation, and we are cooperating closely with the United States Secret Service and Department of Justice.”
Previously, the biggest data breach in history was an intrusion into US retailer TJ Maxx, which compromised almost 50 million cards.
Avivah Litan, a fraud analyst with Gartner Inc, questioned the timing of Heartland’s disclosure - on a day that many Americans and news outlets were glued to coverage of Barack Obama’s inauguration.
“This looks like the biggest breach ever disclosed, and they’re doing it on inauguration day?” Litan told the Washington Post. “I can’t believe they waited until today to disclose. That seems very deceptive.”
Tags: barack obama, card brands, credit card processing, cyber fraud, gartner inc, global cyber, heartland, inauguration day, inauguration of president, law enforcement officials, malicious software, merchant data, personal identification numbers, processing company, robert baldwin, social security numbers, states secret service, suspicious activities, united states secret service, washington post