Hackers attack credit card processor in massive security breach
Last Updated: Wednesday, January 21, 2009 | 9:41 AM ET
CBC News
Related
Internal Links
Video
- Ron Charles reports: Hackers attack credit card processor in massive security breach (Runs: 2:23)
- Play: QuickTime »
- Play: Real Media »
- Louise Martin reports: Hackers attack credit card processor in massive security breach (Runs: 2:36)
- Play: QuickTime »
- Play: Real Media »
A U.S.-based company that processes credit card transactions for more than 250,000 businesses has uncovered a massive security breach, officials said Tuesday.
New Jersey-based Heartland Payment Systems said malicious software in its processing system was uncovered last week.
Canadian merchants were not believed to be affected, although consumers who may have travelled to the U.S. and used a Visa or MasterCard credit card are advised to check their credit card statements for any irregularities.
"We found evidence of an intrusion last week and immediately notified federal law enforcement officials as well as the card brands," Robert H.B. Baldwin Jr., Heartland's president and chief financial officer, said in a release.
"We understand that this incident may be the result of a widespread global cyber fraud operation, and we are co-operating closely with the United States Secret Service and Department of Justice."
The company said the breach did not affect merchant data, social security numbers, unencrypted personal identification numbers, addresses or telephone numbers.
CBC News' Marivel Taruc, who spoke with Baldwin, said authorities suspect Heartland may not be the only company to have been hacked in this operation. Authorities suspect the extent of the breach could be among the largest ever committed.
"The other concern here [is] cyber experts are saying this could be the biggest breach of credit card fraud online ever … because Heartland processes 100 million transactions every month," Taruc said.
The largest online data breach — in which more than 94 million credit and debit cards were exposed — was committed in January 2007 against the TJX Cos.
A probe by the privacy commissioner's office found the Massachusetts-based parent company of Winners and HomeSense collected too much information, kept the data for too long and relied on weak WEP encryption technology to protect its wireless local networks.
The privacy commissioner also found the hackers did not use sophisticated equipment to break into the computer system.
Share Tools
Top News Headlines
- Montreal protesters march in peaceful defiance
- The clanging of pots and pans sounded throughout Montreal's downtown core Saturday night and into early Sunday morning, as thousands of protesters marched on in peaceful — but loud — defiance of Bill 78. more »
- Quebec tornadoes cause millions in damage
- Environment Canada confirms that two tornadoes — one of which was classed as a moderate F-1 packing winds of up to 150 km/h — touched down near Montreal Friday night, causing millions of dollars in damage. more »
- Teen struck by lightning in Ottawa dies
- The victim of a Friday lightning strike during a storm in east Ottawa has died, CBC News has learned. more »
- Canada's Ryder Hesjedal has Giro d'Italia title in reach
- Canadian cyclist Ryder Hesjedal remained second overall after finishing sixth Saturday in the gruelling 20th stage of the Giro d'Italia 3:36 behind stage winner Thomas De Gendt. more »
- Teen struck by lightning in Ottawa dies
- Missing Winnipeg children found in Mexico
- Quebec tornadoes cause millions in damage
- Montreal protesters march in peaceful defiance
- Woman's remains found in hockey bag on Cape Breton river
- Pope's butler arrested in Vatican leaks scandal
- Everest team unable to bring down Toronto woman's body
- WWE apologizes to Brazil over Canadian's flag stomp
- What a Greek euro exit could mean for Canada
