Possibly a new record…”Heartland Payment Systems (HPY) on Tuesday disclosed that intruders hacked into the computers it uses to process 100 million payment card transactions per month for 175,000 merchants.” – this is a quote out of Today’s USAToday article disclosing what may be the largest recorded breach to date…beating the TJX breach which they cite at 94 Million records (note my previous reports that cite numbers anywhere from 50 to 150 million records). This is apparently the work of organized crime; a group the article says may be responsible for other attacks under investigation. An actual record count was not provided – stay tuned for updates on this.
Also important in this report is a look at some of the investigation tactics. A Security firm called CardCops stakes out chat rooms where hackers spend time reviewing schemes, testing card numbers, and as we’ve seen in the past, boasting of recent successes. Recent reports show “a 20% year-over-year increase in Internet chat room activity where hackers test batches of payment card numbers to make sure that they’re active.”
Sales Note: Many mid-market companies are using third parties to process credit card transactions. Breaches, while not the fault of the mid-market company, still affect that company’s reputation. When conducting risk assessments or even discussing security, leverage these sound bites to create opportunity. This may justify a look at the processing center on behalf of the organization you are working with.