Heartland Payment Systems déjà vu. Another payment processor is breached

These days it has announced that one more large payment processor has been hacked. This information has already been confirmed by such reputable sources as DataBreaches.net and DataLossDB. However it is stressed that this processor has no relation to infamous Heartland Payment Systems though the scheme is familiar. The only fact that makes everybody ‘happy’ is that only credit-card numbers and expiration dates have been accessed by the swindlers but not the magnetic stripe data. This information is insufficient to create counterfeit cards that would lead to card present fraudulent transactions. This time the report came again from Visa and MasterCard companies though both payment systems refuse to reveal the name of the intruded company since the company hasn’t issued an official statement yet.

According to DataBreaches.net the first signal about system breach started coming from Visa payment system on Monday, February 9, 2009 under CAMS event series US- 2009-0088-IC. “They expect to have all accounts released by Friday, February 13. MasterCard began releasing accounts on Wednesday, February 11, 2009 under MC Alert series MCA0150-US-09. They have not provided any information as to when they expect to have all their accounts released. The current window of exposure provided by both card associations is from February 2008 through January 2009,” says databreaches.net. 

The information about the hacked payment processor is very poor. It is known that the company is based in the US and it is a very large compromise, similar to the Heartland compromise, but slightly smaller. The Tuscaloosa Federal Credit Union and the Pennsylvania Credit Union Association both were informed about the breach. The investigation is continuing.