Security breach compromises bank and credit cards across the US
Many Dyer County residents received notices from their banks last month about compromised credit and debit cards.
The problem stems from a breach at Heartland Payment Systems, a company that processes payment card transactions for more than 250,000 businesses including many restaurants and retail stores.
Heartland became aware of the breach after Visa and Mastercard notified them of suspicious transactions linked to their accounts.
The company hired two breach forensics teams to investigate, and uncovered malicious software had been running on their payment-processing network from May 15 until Nov 13.
The software was designed to record data from the cards as the information was being sent to Heartland.
The types of information potentially compromised by the breach are card numbers, expiration dates, cv code, and in some cases, the name of the cardholder.
Robert Baldwin, Heartland's president and chief financial officer, stated that with the type and amount of data stolen, identity theft was not likely.
"In this case, the amount of information we know they did not get is long enough that, except in very circumscribed cases, identity theft is just not possible," said Baldwin.
Although the threat of identity theft is low in this case, the information could be used to create fake bankcards that could then be used to purchase items.
The cardholder has zero liability as long as fraudulent activity is reported in a timely manner (usually 120 days).
While some larger corporations and banks may choose to take a passive stance, canceling cards only if suspicious activity is reported, smaller local banks tend to be more proactive.
First Citizens National Bank has reissued over 8,000 new cards due to the incident, and Security Bank has reissued thousands more.
"Whenever there is a situation like this, our response is to alert the customer, shut the card down, and reissue the card," said FCNB Executive Vice President Judy Long. "Rest assured that First Citizens is making every effort to protect (customer) information from unauthorized access."
Both banks have safeguards to protect their customers from fraud, but suggest everyone help protect themselves by monitoring their bank and credit card statements, shredding old bills and receipts, and locking up checkbooks and records.
"When people think of vaults, they usually picture a vault of money like the one downstairs," said Security Bank President David Hayes. "Now we have vaults of cash, and vaults of information, and it's important to protect both."
At least one local bank is involved in a class-action lawsuit filed against Heartland in February to help offset the cost of their protective measures.
As a result of this breach, Heartland is taking steps to increase security against cyber criminals.
Near the end of January, Heartland formed an internal department dedicated to the development of end-to-end encryption.
"I believe the development and deployment of end-to-end encryption will provide us the ability to implement increasing levels of security protection as they become needed," said Robert Carr, the company's chairman and CEO. "Heartland has been working on the development of end-to-end encryption, but in light of our recent data breach and the impact cyber fraud has had on the public and processors nationwide, we are ramping up our efforts."