Protecting yourself

Heartland data breach aftershocks continue

Emily Crone

The fallout from the major data breach announced in January from Heartland Payment Systems isn’t over. At least 250,000 merchants use the New Jersey-based payment processor, making it the fifth largest payment processor in the country.  Millions of credit and debit card transactions were compromised in 2008 due to malicious software installed by hackers. I was recently informed by my bank that my account may have been compromised, and I was issued a new debit card.

The aftershocks continue, with banks large and small reporting impacts. The Globe Gazette, which serves Mason City, Iowa, reports that due to the breach, many banks and credit unions in the state are issuing new cards to customers. The heads of several banks say they continue to receive lists of customers who may have been affected and are closing those accounts and issuing new cards. One bank president says nobody has actually lost any money (to their knowledge), and another local bank’s vice president said they had not incurred any fraud losses. However, the lists of names of affected customers keep coming.

The effects of the data breach have also spread to Maine, according to an article in the Bangor News. The article says personal information from more than 3,000 cards (both credit and debit) from the Bangor Federal Credit Union were compromised, as were 18,000 accounts at the Bangor Savings Bank. While all of that personal data was compromised, no money has yet been lost, the banks say. Bangor News says the lists of affected customers continue to come in and probably won’t be stopping anytime soon. Jon Paradise of the Maine Credit Union League is quoted as saying,  “The shakeout from this data breach is an ongoing thing. To various degrees, it is affecting all financial institutions and credit card companies.”

Mark Ross, vice chairman of the Bank of the Ozarks, agrees, according to a recent article in the Arkansas Democrat Gazette. Ross said due to the huge number of transactions that go through Heartland, “the breach could have some impact on every bank in the country that offers credit cards or debit cards.” As they continue to get lists of names, Simmons First National Corp., Bank of the Ozarks and other Arkansas banks are closing compromised accounts and issuing new cards to customers. It’s not certain that these customers’ information is actually threatened, but the banks are choosing to be on the safe side and close the exposed accounts.

How long will the fallout continue, and will the breach actually result in any financial losses besides those the banks are enduring from issuing so many new cards?

See related: Heartland Payment Systems breach claims another victim: Me, Few answers in massive security breach, It’s smelling phishy: more attempts to steal my data

Join the Discussion

We encourage an active and insightful conversation among our users. Please help us keep our community civil and respectful. For your safety, we ask that you do not disclose confidential or personal information such as your bank account numbers, social security numbers, etc. Keep in mind that anything you post may be disclosed, published, transmitted or reused.

The editorial content on is not sponsored by any bank or credit card issuer. The journalists in the editorial department are separate from the company's business operations. The comments posted below are not provided, reviewed or approved by any company mentioned in our editorial content. Additionally, any companies mentioned in the content do not assume responsibility to ensure that all posts and/or questions are answered.

  • John Franks

    Most companies enjoy “security” insofar as they haven’t been targeted, or had an employee make a human error with catastrophic exposure. Price Waterhouse Cooper and Carnegie-Mellon’s CyLab have recent surveys that show the senior executive class to be, basically, clueless regarding IT risk and its tie to overall enterprise (business) risk. Data breaches and thefts are due to a lagging business culture absent new eCulture, breaches will, and continue to, increase. For example: Microsoft patched for the worm affecting Heartland 4 months ago. As CIO, I’m constantly seeking things that work, in hopes that good ideas make their way back to me – check your local library: A book that is required reading is “I.T. WARS: Managing the Business-Technology Weave in the New Millennium.” It also helps outside agencies understand your values and practices.
    The author, David Scott, has an interview about it.

  • One of my cards was part of this theft, so I was sent a new card and had to update all of my automatic monthly deductions…that was a couple of hours i’d rather have back.