Credit Card Breach
Jan. 30th, 2009 04:43 pm![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
deguspiceA couple of days ago, I heard from a friend that a large credit card processor discovered that they had been breached, but they waited until January 20th to release the news, the same day as the inauguration, so not many people have heard about it.
Today, I got an automated phone call from one of my credit card companies saying that there was some suspicious activity and they wanted to know if I wanted to press 1 to report my card as being "lost or compromised" or press 2 to report later that my card was lost or compromised. There wasn't a third option for talking to a human or get more info.
Calling up the credit card company, the person I spoke to said that a lot of cards were compromised and started looking up the info, and then she must have found the page because she started reciting company policy that they couldn't reveal what sort of incidents or credit card usage patterns trigger a fraud alert.
My guess is that my card was one of the cards that was processed by Heartland Payment Systems.
It hasn't yet been reveled how many cards have been compromised, but it looks like this security breach will dwarf the 45,000,000+ card numbers that were reported stolen from TJ Max. Heartland processes 100,000,000 credit card transactions per month and it appears that their system was breached in May, but Heartland didn't find out about the breach until MasterCard and Visa approached them in October. It appears that while Heartland keeps their data encrypted, it's sent as clear text to MasterCard and Visa.
For more details about the breach, see the articles at storefrontbacktalk.com
http://www.storefrontbacktalk.com/securityfraud/heartland-sniffer-hid-in-unallocated-portion-of-disk/
(click on green links for other articles about the breach)
So, once again the advice is to keep a close eye on your credit card statements.
Today, I got an automated phone call from one of my credit card companies saying that there was some suspicious activity and they wanted to know if I wanted to press 1 to report my card as being "lost or compromised" or press 2 to report later that my card was lost or compromised. There wasn't a third option for talking to a human or get more info.
Calling up the credit card company, the person I spoke to said that a lot of cards were compromised and started looking up the info, and then she must have found the page because she started reciting company policy that they couldn't reveal what sort of incidents or credit card usage patterns trigger a fraud alert.
My guess is that my card was one of the cards that was processed by Heartland Payment Systems.
It hasn't yet been reveled how many cards have been compromised, but it looks like this security breach will dwarf the 45,000,000+ card numbers that were reported stolen from TJ Max. Heartland processes 100,000,000 credit card transactions per month and it appears that their system was breached in May, but Heartland didn't find out about the breach until MasterCard and Visa approached them in October. It appears that while Heartland keeps their data encrypted, it's sent as clear text to MasterCard and Visa.
For more details about the breach, see the articles at storefrontbacktalk.com
http://www.storefrontbacktalk.com/securityfraud/heartland-sniffer-hid-in-unallocated-portion-of-disk/
(click on green links for other articles about the breach)
So, once again the advice is to keep a close eye on your credit card statements.
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
no subject
Date: 2009-01-30 11:23 pm (UTC)You: hello?
Automated voice: Please press 1 if you want to report your card as lost or compromised, or press 2 to report later that your card was lost or compromised.
You: huh?
Automated voice: I did not understand your request. (repeats)
You: (press EITHER 1 OR 2, it doesn't matter)
Automated voice: To confirm your card as lost, you must now enter your cc#, followed by a the pound sign. After that, enter your 4 digit expiration date, and after that a pound sign, after that, enter your 3 digit security code then another pound sign.
(afterwards) Thank you for using "we're a crook" incorporated. Please watch your credit card statement for false charges. You can then close out the account, and your CC company will eat the fact that we've just spent a few thousand dollars on their dime. Thank you very much for your credit card number! See you in Rio!
Actually....
Date: 2009-01-31 03:49 am (UTC)no subject
Date: 2009-02-01 04:37 am (UTC)The new card arrived today. I haven't seen any suspect charges, but I'll be checking fairly carefully.
*wry grin*