The fallout from the major data breach announced in January from Heartland Payment Systems isn’t over. At least 250,000 merchants use the New Jersey-based payment processor, making it the fifth largest payment processor in the country. Millions of credit and debit card transactions were compromised in 2008 due to malicious software installed by hackers. I was recently informed by my bank that my account may have been compromised, and I was issued a new debit card.
The aftershocks continue, with banks large and small reporting impacts. The Globe Gazette, which serves Mason City, Iowa, reports that due to the breach, many banks and credit unions in the state are issuing new cards to customers. The heads of several banks say they continue to receive lists of customers who may have been affected and are closing those accounts and issuing new cards. One bank president says nobody has actually lost any money (to their knowledge), and another local bank’s vice president said they had not incurred any fraud losses. However, the lists of names of affected customers keep coming.
The effects of the data breach have also spread to Maine, according to an article in the Bangor News. The article says personal information from more than 3,000 cards (both credit and debit) from the Bangor Federal Credit Union were compromised, as were 18,000 accounts at the Bangor Savings Bank. While all of that personal data was compromised, no money has yet been lost, the banks say. Bangor News says the lists of affected customers continue to come in and probably won’t be stopping anytime soon. Jon Paradise of the Maine Credit Union League is quoted as saying, “The shakeout from this data breach is an ongoing thing. To various degrees, it is affecting all financial institutions and credit card companies.”
Mark Ross, vice chairman of the Bank of the Ozarks, agrees, according to a recent article in the Arkansas Democrat Gazette. Ross said due to the huge number of transactions that go through Heartland, “the breach could have some impact on every bank in the country that offers credit cards or debit cards.” As they continue to get lists of names, Simmons First National Corp., Bank of the Ozarks and other Arkansas banks are closing compromised accounts and issuing new cards to customers. It’s not certain that these customers’ information is actually threatened, but the banks are choosing to be on the safe side and close the exposed accounts.
How long will the fallout continue, and will the breach actually result in any financial losses besides those the banks are enduring from issuing so many new cards?
See related: Heartland Payment Systems breach claims another victim: Me, Few answers in massive security breach, It’s smelling phishy: more attempts to steal my data