Honey…What’s This Charge For?

Just as the details around the security breach at Heartland Payment Systems is starting to come to light, a new update was released this week showing yet another payment processor has been hacked.  Visa and Mastercard are keeping the victim’s identity under wraps at this time due to the on-going investigation, but they also stressed that this is a new attack and is NOT related to the prior Heartland breach.

Initial information shows that the compromised accounts were exposed from February 2008 through August 2008.  According to the credit card firms, this incident, although significant, does not appear (at least for now) to be as large as the Heartland Breach.  Also on the positive side the compromised data was limited to “card not present” transactions and those transactions containing full track data do not seem to be involved in this incident.  Given this, it is wise for everyone to keep a close eye on credit card statements as it is likely that the perpetrators will try to use this information for online purchases where full card data is not needed.

More information can be found on a few affected credit unions website’s that are posting the alerts to include:  The Tuscaloosa VA Federal Credit Union and the Pennsylvania Credit Union Association. The Open Security Foundation also has a notice posted on its DataLossDB site.