I cannot believe, when we’re all absorbed by the inauguration of a new President in the world’s largest economy, that Heartland Payments Systems had the lack of heart to release news that malware on their systems had been recording every payment made through their network to an external source.
Heartland Payment Systems chose to release this news on 20th January to bury it, but it has not worked. I spotted it, and I’m thousands of miles away from Heartland’s offices (thanks to the internet again!).
They won’t say how many people are affected, but it does seem to be that every credit card number using their payment system has been compromised. As they’re used by over 250,000 businesses, with 40% of transactions from small
to mid-sized restaurants across America. In other words, every American credit and debit card has probably been breached.
Robert Baldwin, CFO and President of Heartland, admits they have no idea how long the malicious software was in
place, how it got there or how many accounts have been compromised, but does admit that the
stolen data would include names, credit and debit card numbers and expiration dates.
“The transactional data crossing our platform, in terms of magnitude… is
about 100 million transactions a month”, he said. “At this point, though,
we don’t know the magnitude of what was grabbed.”
Mr. Baldwin. You were right. A great day to release bad news.
And shame on you.
p.s. their website was down as I wrote this … I wonder why?