Company That Had The Largest Ever Credit Card Data Breach... Apparently Breached Again [Update]

from the hits-you-in-the-heartland dept

Thu, Aug 12th 2010 4:31pm — Mike Masnick

Remember Heartland Payment Systems? It's the giant credit card clearinghouse that was involved in the largest ever security breach in terms of the number of credit card numbers exposed. They were successfully targeted by the same guys who had also set the previous record for largest credit card data breach, so you could question whether the issue was just a sophisticated group of hackers or poor security at Heartland (or, possibly, a combination of both). Either way, it looks like Heartland may still have some issues. Carlo sends over the news that a new security breach has been discovered at a restaurant in Austin, Texas that appears to involve someone hacking into the network between the restaurant and Heartland. It's not yet clear if this goes beyond that one restaurant, but this can't look good for Heartland.

Update: Heartland got in touch to let us know that this appears to be an issue outside of Heartland's system, and that Heartland is not the target of the investigation into the breach. Heartland's press release is basically pointing out that the weakness was with the restaurant's credit card security, not its own.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: breach, credit cards, security
Companies: heartland payment systems

11 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Wolfy, 12 Aug 2010 @ 5:39pm

Another argument in favor of cash.
[ link to this | view in chronology ]
CJ (profile), 12 Aug 2010 @ 7:18pm

Lets stick around, and see what kind, and how bad, their punishment is for this. Then we'll know whom to look at to blame the next breech on. I have not seen one as of yet that really got punished properly.
[ link to this | view in chronology ]
This comment has been flagged by the community. Click here to show it

Anonymous Coward, 12 Aug 2010 @ 8:22pm

Remember Heartland Payment Systems?
More importantly, Remember Carlo?

Is this the same Carlo you fired about a year ago? How's he been? Is he still in Vegas?
[ link to this | view in chronology ]
Willbfree1 (profile), 13 Aug 2010 @ 6:22am

Security Breach Again!
This so sad for this company and customers. This is a lose lose situation. When this company fix the problem it will still lose customers and the former customers will never trust any other company fully again.
[ link to this | view in chronology ]
- Ed C, 13 Aug 2010 @ 12:12pm
  
  Re: Security Breach Again!
  What I think is unreasonable is that with all of the money Heartland gets from handling financial transactions and information, that it can't even be bothered to insure their security. The business is founded on the trust that they can be handled security, and that trust has been broken. Any lose of business that results from these breaches is the lest they deserve.
  [ link to this | view in chronology ]
Chris, 13 Aug 2010 @ 7:23am

PCI
So how's that PCI compliance requirement working out for everyone?
[ link to this | view in chronology ]
Anonymous Coward, 14 Aug 2010 @ 5:36pm

Remember Heartland Payment Systems? It's the giant credit card clearinghouse that was involved in the largest ever security breach in terms of the number of credit card numbers exposed.

Largest ever? I think you mean largest yet. :P
[ link to this | view in chronology ]
Anonymous Coward, 16 Aug 2010 @ 7:37am

Somebody else's fault?
Details are scarce in these reports, but it looks as if the numbers were going through the network in the clear. At what point in the chain did Heartland first have the ability to encrypt them with Heartland's public key?

If they were intercepted before this point, then I think Heartland was not to blame...
[ link to this | view in chronology ]
credit card machines for small business, 1 Oct 2010 @ 5:40pm

double trouble
oh! that makes two, 3 strikes and they're out
[ link to this | view in chronology ]
credit card machines for small business, 19 Nov 2010 @ 3:45pm

small business.
I say that we just make it a 2 strike rule and get rid of these guys. Fool me once, shame on you, fool me twice, shame on me.
[ link to this | view in chronology ]
lrobbo (profile), 12 Jun 2012 @ 11:43am

Fool me twice,er, won't, er won't get fooled again . . .
[ link to this | view in chronology ]